General
-
Target
f535d466ac391e82fdbefdbbb4a6b1ce3b9e379cff0ae451dd6044c3a13f7014N
-
Size
78KB
-
Sample
241026-fzyl3a1gpj
-
MD5
312b2cc8ea25af01ca9df477c4d04740
-
SHA1
035d33b077c0b6893428915cb39bc8d6e6c3fa96
-
SHA256
f535d466ac391e82fdbefdbbb4a6b1ce3b9e379cff0ae451dd6044c3a13f7014
-
SHA512
6d8b1ac8f8ec0d2549a25ceb66e4a8d21047807901c73824b3c0302ed58a08e113e31646a202f70dedf79406c193bd7e783c80547e7481c4099ff9e144a95577
-
SSDEEP
1536:/WtHHM7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtRx9/b21bZ:/WtHshASyRxvhTzXPvCbW2URx9/2
Static task
static1
Behavioral task
behavioral1
Sample
f535d466ac391e82fdbefdbbb4a6b1ce3b9e379cff0ae451dd6044c3a13f7014N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f535d466ac391e82fdbefdbbb4a6b1ce3b9e379cff0ae451dd6044c3a13f7014N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
f535d466ac391e82fdbefdbbb4a6b1ce3b9e379cff0ae451dd6044c3a13f7014N
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-