General
-
Target
3c12a4352b314e32f9ad8d1981e018d3ddd7471966cacacfa8cb3f40e515f195
-
Size
78KB
-
Sample
240918-y6twka1hlf
-
MD5
6ba39eb989e271c55cc38dd1bbfaecf7
-
SHA1
dc9572e2f61766fa1552a8ecfc6d98cf6a7fe46b
-
SHA256
3c12a4352b314e32f9ad8d1981e018d3ddd7471966cacacfa8cb3f40e515f195
-
SHA512
fa0724304f3ea0962a8cb18cf04307fb5f4a3d0c86c9d2e4e3c6290bff3dcc23fbeac38af3dbd1763bee7cf44373875cc782ddcbd271db2e74cdad4adbe2333d
-
SSDEEP
1536:guHY6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQte19/715P:guHYnhASyRxvhTzXPvCbW2Ue19/X
Malware Config
Targets
-
-
Target
3c12a4352b314e32f9ad8d1981e018d3ddd7471966cacacfa8cb3f40e515f195
-
Size
78KB
-
MD5
6ba39eb989e271c55cc38dd1bbfaecf7
-
SHA1
dc9572e2f61766fa1552a8ecfc6d98cf6a7fe46b
-
SHA256
3c12a4352b314e32f9ad8d1981e018d3ddd7471966cacacfa8cb3f40e515f195
-
SHA512
fa0724304f3ea0962a8cb18cf04307fb5f4a3d0c86c9d2e4e3c6290bff3dcc23fbeac38af3dbd1763bee7cf44373875cc782ddcbd271db2e74cdad4adbe2333d
-
SSDEEP
1536:guHY6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQte19/715P:guHYnhASyRxvhTzXPvCbW2Ue19/X
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-