General

  • Target

    5444b7897f710ea66ac6ce0147fcdbaf5380f8f7b0eb7132a43a805642fda42eN

  • Size

    78KB

  • Sample

    241014-e63nxstanm

  • MD5

    2486664600f0e3671dd48e0dce874280

  • SHA1

    5c73edba61cfdd544daebb8ca1abc29123a42e99

  • SHA256

    5444b7897f710ea66ac6ce0147fcdbaf5380f8f7b0eb7132a43a805642fda42e

  • SHA512

    3f3c477bf8f20337eab5aab91f57e466b26d6314a8a1f780281a7fdab09279fc8b8f86cc6d132ff3668da8540e04aa6e6b1ca1e13c08c020188318c4dd01a945

  • SSDEEP

    1536:Uy5jS6vZv0kH9gDDtWzYCnJPeoYrGQty6j9/O1L1:Uy5jS6l0Y9MDYrm7r9/G

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
