metamorpherrat | 9eb0fd18cdb9d015595fad290e9968f30f706f898644134ecc4a9e543402d4ce | Triage

Sharing

General

Target

9eb0fd18cdb9d015595fad290e9968f30f706f898644134ecc4a9e543402d4ce
Size

78KB
Sample

241021-bg8l4a1arf
MD5

a65d5471494205d04c4d4af7d76c4a48
SHA1

5ad8f0f736afb35a120891d67c1f5b8861cec767
SHA256

9eb0fd18cdb9d015595fad290e9968f30f706f898644134ecc4a9e543402d4ce
SHA512

b0750bab52331c52b9223eeeadf7229b61f53da7eb3de335788661e94f01a87dde7d67fad38fa4b41c1f6488c7480016905717e6216b16a206936b7fc02b94ea
SSDEEP

1536:gxWV58IpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQti6U9/u1zo:sWV58mJywQjDgTLopLwdCFJzc9/L

Score

10^/10

metamorpherrat discovery rat stealer trojan

Malware Config

Targets

- Target
  
  9eb0fd18cdb9d015595fad290e9968f30f706f898644134ecc4a9e543402d4ce
- Size
  
  78KB
- MD5
  
  a65d5471494205d04c4d4af7d76c4a48
- SHA1
  
  5ad8f0f736afb35a120891d67c1f5b8861cec767
- SHA256
  
  9eb0fd18cdb9d015595fad290e9968f30f706f898644134ecc4a9e543402d4ce
- SHA512
  
  b0750bab52331c52b9223eeeadf7229b61f53da7eb3de335788661e94f01a87dde7d67fad38fa4b41c1f6488c7480016905717e6216b16a206936b7fc02b94ea
- SSDEEP
  
  1536:gxWV58IpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQti6U9/u1zo:sWV58mJywQjDgTLopLwdCFJzc9/L
Score

10^/10

metamorpherrat discovery rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratdiscoveryratstealertrojan

behavioral2

metamorpherratdiscoveryratstealertrojan