General
-
Target
ff696707f05db3738da3a9ba22c17809ed38e3a3d7e7628bf09be02e59e64341N
-
Size
78KB
-
Sample
241012-nadvcsxdpc
-
MD5
8ea499895ddd14eeec8e563398023090
-
SHA1
c8811038c9384bea1829d29664990f1aca97da22
-
SHA256
ff696707f05db3738da3a9ba22c17809ed38e3a3d7e7628bf09be02e59e64341
-
SHA512
0b3c546bc74cd25ef2352b4cb4c9b0a0867b315d18c08b922012df3bb168ef1f20e27fc6fa9f646481068cc8300b4e25ae36c35604eeb7892cb07f3b764d5ef2
-
SSDEEP
1536:VsHFo6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtq9/6D1EV:VsHFo53Ln7N041Qqhgq9/6K
Static task
static1
Behavioral task
behavioral1
Sample
ff696707f05db3738da3a9ba22c17809ed38e3a3d7e7628bf09be02e59e64341N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ff696707f05db3738da3a9ba22c17809ed38e3a3d7e7628bf09be02e59e64341N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
ff696707f05db3738da3a9ba22c17809ed38e3a3d7e7628bf09be02e59e64341N
-
Size
78KB
-
MD5
8ea499895ddd14eeec8e563398023090
-
SHA1
c8811038c9384bea1829d29664990f1aca97da22
-
SHA256
ff696707f05db3738da3a9ba22c17809ed38e3a3d7e7628bf09be02e59e64341
-
SHA512
0b3c546bc74cd25ef2352b4cb4c9b0a0867b315d18c08b922012df3bb168ef1f20e27fc6fa9f646481068cc8300b4e25ae36c35604eeb7892cb07f3b764d5ef2
-
SSDEEP
1536:VsHFo6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtq9/6D1EV:VsHFo53Ln7N041Qqhgq9/6K
-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-