General
-
Target
8153087dbc258f47556148be5da4f5aab0c12ef0a884b6cdab6eff3a8cef45b3
-
Size
78KB
-
Sample
241014-ald3lstdnb
-
MD5
7bfbe9f42a7aa4e975f7946d44b3260f
-
SHA1
35b0151f326b99687a8344c5af9e3fb431499ec9
-
SHA256
8153087dbc258f47556148be5da4f5aab0c12ef0a884b6cdab6eff3a8cef45b3
-
SHA512
7b8d5113fc2642541da57bef8cc7f53eaab22dc0f7c25c93f274ebf9ee17395912e494ebe86b3804547f5677a9bcf2d493a4fdee2f6dbd5501c628d848ea89f1
-
SSDEEP
1536:9RWtHF3M7t/vZv0kH9gDDtWzYCnJPeoYrGQtRk9/O1GD:9RWtHF8h/l0Y9MDYrm7Rk9/H
Malware Config
Targets
-
-
Target
8153087dbc258f47556148be5da4f5aab0c12ef0a884b6cdab6eff3a8cef45b3
-
Size
78KB
-
MD5
7bfbe9f42a7aa4e975f7946d44b3260f
-
SHA1
35b0151f326b99687a8344c5af9e3fb431499ec9
-
SHA256
8153087dbc258f47556148be5da4f5aab0c12ef0a884b6cdab6eff3a8cef45b3
-
SHA512
7b8d5113fc2642541da57bef8cc7f53eaab22dc0f7c25c93f274ebf9ee17395912e494ebe86b3804547f5677a9bcf2d493a4fdee2f6dbd5501c628d848ea89f1
-
SSDEEP
1536:9RWtHF3M7t/vZv0kH9gDDtWzYCnJPeoYrGQtRk9/O1GD:9RWtHF8h/l0Y9MDYrm7Rk9/H
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-