metamorpherrat | 92d4d3494e7edc1c4c7a2eb3466cfafd2d53d77b72674844337e5d2f8b0b6369 | Triage

Sharing

General

Target

92d4d3494e7edc1c4c7a2eb3466cfafd2d53d77b72674844337e5d2f8b0b6369N
Size

78KB
Sample

241023-lspy8stanb
MD5

45214b778b2bb1a486868d6f6c4c0930
SHA1

3cc4a98c1531d378fc63079f94840bf581f25348
SHA256

92d4d3494e7edc1c4c7a2eb3466cfafd2d53d77b72674844337e5d2f8b0b6369
SHA512

9f3627b77b44bc2ecfea10294e4573e95908904f6b838692861c4dc382d9246a1c723167b13e70a7a55bbb92688bd6841c967d9136321aef396c7da5dfee4c90
SSDEEP

1536:lVPy5QpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQti6hI9/E17g:PPy5uJywQjDgTLopLwdCFJzu9/B

Score

10^/10

metamorpherrat discovery rat stealer trojan

Malware Config

Targets

- Target
  
  92d4d3494e7edc1c4c7a2eb3466cfafd2d53d77b72674844337e5d2f8b0b6369N
- Size
  
  78KB
- MD5
  
  45214b778b2bb1a486868d6f6c4c0930
- SHA1
  
  3cc4a98c1531d378fc63079f94840bf581f25348
- SHA256
  
  92d4d3494e7edc1c4c7a2eb3466cfafd2d53d77b72674844337e5d2f8b0b6369
- SHA512
  
  9f3627b77b44bc2ecfea10294e4573e95908904f6b838692861c4dc382d9246a1c723167b13e70a7a55bbb92688bd6841c967d9136321aef396c7da5dfee4c90
- SSDEEP
  
  1536:lVPy5QpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQti6hI9/E17g:PPy5uJywQjDgTLopLwdCFJzu9/B
Score

10^/10

metamorpherrat discovery rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratdiscoveryratstealertrojan

behavioral2

metamorpherratdiscoveryratstealertrojan