General

  • Target

    33f7f66665c08153601d8fcd5f84defba46cf09af23cfcc72361f2a17d49d63dN

  • Size

    78KB

  • Sample

    241006-brlkbayejr

  • MD5

    b0ec359e94b58d69c223e0ddf544c000

  • SHA1

    be2360bf717a87109b52995bd815b5b1d22f5d17

  • SHA256

    33f7f66665c08153601d8fcd5f84defba46cf09af23cfcc72361f2a17d49d63d

  • SHA512

    ac7a5b1c0a44a830affea41673122a599765b9cdb3ae2b59bd1aaecbbcc6eb201b928831b4bf023bf5c8b59eb077c5b37caf6a2b6b864c720602ec04b09b879f

  • SSDEEP

    1536:5CHY6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtW9/61b8:5CHYnhASyRxvhTzXPvCbW2UW9/3

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
