General

  • Target

    a54f4d33896a773e0bd42391d59b675d8603e00364ec2707b12721edf6ddce7b

  • Size

    78KB

  • Sample

    241015-dgvrca1dka

  • MD5

    58577b49ccca0e87888646ee1b5b0257

  • SHA1

    f00a554af5dbaeee16fb4a28312c062b1f02d487

  • SHA256

    a54f4d33896a773e0bd42391d59b675d8603e00364ec2707b12721edf6ddce7b

  • SHA512

    96776b4d8744c8739d3f2599ef92dfffe23bbf678e0ec2d7a1dd6fe01cd890134d76361521b65018e3d8a41f8a6359ea5fdbdb54cc6af80104bab7924a393c5e

  • SSDEEP

    1536:fPWV51pJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtS61i9/Bo12I:fPWV5jJywQjDgTLopLwdCFJzdi9/s

Malware Config

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Enterprise v15

Tasks