General

  • Target

    433f9e08450c865408992f95fc352ecaefdd393e45180860da2013da0d4a92acN

  • Size

    78KB

  • Sample

    241026-eba1esyhqg

  • MD5

    cfe6ac06bb6a68282f85501256dd9f10

  • SHA1

    f12fa1d8fd6ac173c268447d5eecc7a19512d722

  • SHA256

    433f9e08450c865408992f95fc352ecaefdd393e45180860da2013da0d4a92ac

  • SHA512

    192f6d12ab6eed250be89914706fbee692a853c74dd6c3ed17dbe6091178d37aa2729ef01f68f2ceca3b09dc3ba7716f39518bd4bd4500836d080d7e0273bed4

  • SSDEEP

    1536:UPCHFo6M7t/vZv0kH9gDDtWzYCnJPeoYrGQt49/Ix15F:UPCHFonh/l0Y9MDYrm749/I3

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
