General

  • Target

    a8292e7f6ebbec53825af1141df019ff186ce49aaba04b4be18831398aad2fa2N

  • Size

    78KB

  • Sample

    241022-qmezasyfpq

  • MD5

    48cb801e22778f2bcb604511d8cb1010

  • SHA1

    d131055e05f7dd79e85b28142b665b1175fb6a1e

  • SHA256

    a8292e7f6ebbec53825af1141df019ff186ce49aaba04b4be18831398aad2fa2

  • SHA512

    f03ceb8c608f3c9714ea082225f7de0721feb72300e6de5311bd80bc8c5b8954f0795a967662d81cd87ba0b3c0eb7315603b9ad03469fe3d0df5a7255a93b63a

  • SSDEEP

    1536:xy5jVvZv0kH9gDDtWzYCnJPeoYrGQt961M9/O1qw:xy5jVl0Y9MDYrm7GM9/s

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
