General
-
Target
7cfcae244ac6874f2b32461bc5951211_JaffaCakes118
-
Size
78KB
-
Sample
241029-2mhkzaznfx
-
MD5
7cfcae244ac6874f2b32461bc5951211
-
SHA1
87cf097cd28d5ac97686d19a74553c22fc681e38
-
SHA256
c190c36ae18f007b7bb7d75ce40184beeae22f8943a35ca6bc010f6398828c74
-
SHA512
d54f70e2c23393729dc493f52465b73e2dbf9aa52ae28b9f6bfd3032d8a1140eabc5a116cd0f4cf91ad40069a80992b12741e77d8b0dc89e5b4208fc1612189b
-
SSDEEP
1536:6WtHHrdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtLl9/n1yS:6WtHLdSE2EwR4uY41HyvYLl9/n
Static task
static1
Behavioral task
behavioral1
Sample
7cfcae244ac6874f2b32461bc5951211_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7cfcae244ac6874f2b32461bc5951211_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
7cfcae244ac6874f2b32461bc5951211_JaffaCakes118
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
MetamorpherRAT family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-