metamorpherrat | 4f6123bee202f302bada336f2653a387103bdd1fe60ee5bdd7af60096fe09e27 | Triage

Sharing

General

Target

4f6123bee202f302bada336f2653a387103bdd1fe60ee5bdd7af60096fe09e27N
Size

78KB
Sample

241001-qggwps1dpl
MD5

f087f48ca7dbe075208a9857f2da67f0
SHA1

eba1417348a65af6b5c950e8b7c632ecdbf2cd6b
SHA256

4f6123bee202f302bada336f2653a387103bdd1fe60ee5bdd7af60096fe09e27
SHA512

34ae56909de0f66a9b2a7416456970ee5624dfc940958f986a85074c8c9fdcac8d7e5cc6d467279dc6479e3fd4e1d49f6d8591b82688a2395626e327138b8334
SSDEEP

1536:be58fXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQty6g9/0xE21J7:be58/SyRxvhTzXPvCbW2UY9/0

Score

10^/10

metamorpherrat discovery persistence rat stealer trojan

Malware Config

Targets

- Target
  
  4f6123bee202f302bada336f2653a387103bdd1fe60ee5bdd7af60096fe09e27N
- Size
  
  78KB
- MD5
  
  f087f48ca7dbe075208a9857f2da67f0
- SHA1
  
  eba1417348a65af6b5c950e8b7c632ecdbf2cd6b
- SHA256
  
  4f6123bee202f302bada336f2653a387103bdd1fe60ee5bdd7af60096fe09e27
- SHA512
  
  34ae56909de0f66a9b2a7416456970ee5624dfc940958f986a85074c8c9fdcac8d7e5cc6d467279dc6479e3fd4e1d49f6d8591b82688a2395626e327138b8334
- SSDEEP
  
  1536:be58fXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQty6g9/0xE21J7:be58/SyRxvhTzXPvCbW2UY9/0
Score

10^/10

metamorpherrat discovery persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratdiscoverypersistenceratstealertrojan

behavioral2

metamorpherratdiscoverypersistenceratstealertrojan