General
-
Target
ce9e984a86f425de286533d674207ddc19ca5df723d3dc2a4334b14eaed07aa8N
-
Size
78KB
-
Sample
241013-qbv65ssepl
-
MD5
25948a6c3218dbfcaae96f2e3c3a14f0
-
SHA1
f57137bba0e9610dac65f2780f5ffde89f693618
-
SHA256
ce9e984a86f425de286533d674207ddc19ca5df723d3dc2a4334b14eaed07aa8
-
SHA512
d2a3d3d58bae8d1293c4afd7b93253bf2b377043c94740f6720991771ce350a4c448fbbdae9baebd3f4313b97635d3ab9289e94830f3698e07b416b5c7533772
-
SSDEEP
1536:nsHHuaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQts9/R1ss:nsH/3DJywQjDgTLopLwdCFJzs9/l
Malware Config
Targets
-
-
Target
ce9e984a86f425de286533d674207ddc19ca5df723d3dc2a4334b14eaed07aa8N
-
Size
78KB
-
MD5
25948a6c3218dbfcaae96f2e3c3a14f0
-
SHA1
f57137bba0e9610dac65f2780f5ffde89f693618
-
SHA256
ce9e984a86f425de286533d674207ddc19ca5df723d3dc2a4334b14eaed07aa8
-
SHA512
d2a3d3d58bae8d1293c4afd7b93253bf2b377043c94740f6720991771ce350a4c448fbbdae9baebd3f4313b97635d3ab9289e94830f3698e07b416b5c7533772
-
SSDEEP
1536:nsHHuaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQts9/R1ss:nsH/3DJywQjDgTLopLwdCFJzs9/l
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-