metamorpherrat | 2db3dbc2d47de9fc7df3f48f4b8534cce6d2bcb4b6da23cadb28793fcd7700c1 | Triage

Sharing

General

Target

2db3dbc2d47de9fc7df3f48f4b8534cce6d2bcb4b6da23cadb28793fcd7700c1N
Size

78KB
Sample

241022-ek9kcawcrb
MD5

7302df4d178efb9c92619bd6c5687fa0
SHA1

336b110f1f5fa2277f13c9fdbb9c5866ecc2ee80
SHA256

2db3dbc2d47de9fc7df3f48f4b8534cce6d2bcb4b6da23cadb28793fcd7700c1
SHA512

e68debadb28ead4f210bc6b37cdc4d1a2a4d3d4db6179e779a98aedad38ba94f0269512409f7ece17bd6dfac27440b6c0c39189bae42c4aa4e58d47fcf2f1fdc
SSDEEP

1536:TCHHuaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQt/09/g10E:TCH/3DJywQjDgTLopLwdCFJzM9/w

Score

10^/10

metamorpherrat discovery rat stealer trojan

Malware Config

Targets

- Target
  
  2db3dbc2d47de9fc7df3f48f4b8534cce6d2bcb4b6da23cadb28793fcd7700c1N
- Size
  
  78KB
- MD5
  
  7302df4d178efb9c92619bd6c5687fa0
- SHA1
  
  336b110f1f5fa2277f13c9fdbb9c5866ecc2ee80
- SHA256
  
  2db3dbc2d47de9fc7df3f48f4b8534cce6d2bcb4b6da23cadb28793fcd7700c1
- SHA512
  
  e68debadb28ead4f210bc6b37cdc4d1a2a4d3d4db6179e779a98aedad38ba94f0269512409f7ece17bd6dfac27440b6c0c39189bae42c4aa4e58d47fcf2f1fdc
- SSDEEP
  
  1536:TCHHuaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQt/09/g10E:TCH/3DJywQjDgTLopLwdCFJzM9/w
Score

10^/10

metamorpherrat discovery rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratdiscoveryratstealertrojan

behavioral2

metamorpherratdiscoveryratstealertrojan