metamorpherrat | 897215a2e9493bd9f7b9c830236d4398fff83451eb65983eb807256902394f4e | Triage

Sharing

General

Target

897215a2e9493bd9f7b9c830236d4398fff83451eb65983eb807256902394f4eN.exe
Size

78KB
Sample

240926-e7sv4sxgkp
MD5

06cbd6dcdac61b56497ed32e887aac80
SHA1

d427f13e4c3e23965a38d45342c934d1ed167479
SHA256

897215a2e9493bd9f7b9c830236d4398fff83451eb65983eb807256902394f4e
SHA512

97d0e7156cbc4f91726969455271effba2db247cb0b5b1f2154f820a8612715627557c197bd8c7fee0d0a991def9f8cf9622c65b463fc4f291dae4edce095e4a
SSDEEP

1536:se5OXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtC6549/51bW:se5GSyRxvhTzXPvCbW2UR49/u

Score

10^/10

metamorpherrat discovery persistence rat stealer trojan

Malware Config

Targets

- Target
  
  897215a2e9493bd9f7b9c830236d4398fff83451eb65983eb807256902394f4eN.exe
- Size
  
  78KB
- MD5
  
  06cbd6dcdac61b56497ed32e887aac80
- SHA1
  
  d427f13e4c3e23965a38d45342c934d1ed167479
- SHA256
  
  897215a2e9493bd9f7b9c830236d4398fff83451eb65983eb807256902394f4e
- SHA512
  
  97d0e7156cbc4f91726969455271effba2db247cb0b5b1f2154f820a8612715627557c197bd8c7fee0d0a991def9f8cf9622c65b463fc4f291dae4edce095e4a
- SSDEEP
  
  1536:se5OXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtC6549/51bW:se5GSyRxvhTzXPvCbW2UR49/u
Score

10^/10

metamorpherrat discovery persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratdiscoverypersistenceratstealertrojan

behavioral2

metamorpherratdiscoverypersistenceratstealertrojan