General
-
Target
7b93efdc1a07b8bcbc298b0b8d474e5a2d350f980199a744f74427c3e02f9e74N
-
Size
78KB
-
Sample
241007-pcwcvsvcjn
-
MD5
cf82230381774993d0cd616c44bb5220
-
SHA1
9c7b188af83e08bd976346a2e6055c99a7fdbae3
-
SHA256
7b93efdc1a07b8bcbc298b0b8d474e5a2d350f980199a744f74427c3e02f9e74
-
SHA512
eb641f5c2fa5984904f0b5c87986417483122c04ecbeea46beb3a945200bc1b5252384a6c68bfc27da6cd5203b76034f8d3c2c36f12ba8ab976bf3c48448e5ed
-
SSDEEP
1536:QRWtHHM7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQte6P9/p1P1:QRWtHshASyRxvhTzXPvCbW2Ue6P9/R
Malware Config
Targets
-
-
Target
7b93efdc1a07b8bcbc298b0b8d474e5a2d350f980199a744f74427c3e02f9e74N
-
Size
78KB
-
MD5
cf82230381774993d0cd616c44bb5220
-
SHA1
9c7b188af83e08bd976346a2e6055c99a7fdbae3
-
SHA256
7b93efdc1a07b8bcbc298b0b8d474e5a2d350f980199a744f74427c3e02f9e74
-
SHA512
eb641f5c2fa5984904f0b5c87986417483122c04ecbeea46beb3a945200bc1b5252384a6c68bfc27da6cd5203b76034f8d3c2c36f12ba8ab976bf3c48448e5ed
-
SSDEEP
1536:QRWtHHM7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQte6P9/p1P1:QRWtHshASyRxvhTzXPvCbW2Ue6P9/R
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-