General

  • Target

    c3bcae67020d1c7940aa571e29ba2ad7b04f76e24847a2b6ca02abbed06b6007N

  • Size

    78KB

  • Sample

    241020-drpyvawbpd

  • MD5

    b7ba9fd4ecf49849e6fa80a85cea3500

  • SHA1

    ce1148b812c0fabadbbc36ebb9c14a2ca6a3256e

  • SHA256

    c3bcae67020d1c7940aa571e29ba2ad7b04f76e24847a2b6ca02abbed06b6007

  • SHA512

    688d4f28beb0605b59f32430ecf08b05f677fce010861dfa732fab63afd615085b4512da59c9d49733cbad3fce47b0681ef53c8536ba4e577cfa306966c2c77a

  • SSDEEP

    1536:yRCHH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQteg9/61BZ:yRCHa3Ln7N041Qqhgeg9/U

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
