General

  • Target

    79de67f43715e37caee15c1cc1b12a8456db2e72eab9c0131ce3a79f6fcf7f78N

  • Size

    78KB

  • Sample

    241105-tz1y3svfnn

  • MD5

    83abbc2fa12cce90a34623228d1cf060

  • SHA1

    ccdefc4083b6f4a01cc9b5647a5a5555942794d6

  • SHA256

    79de67f43715e37caee15c1cc1b12a8456db2e72eab9c0131ce3a79f6fcf7f78

  • SHA512

    0c8b8deb59d1a9aa400a2ed6e20bb4dac18912b7aec6f5cbf00b78e663b556692da17f1bc8c8ef3fcd1bf4587a85dc640a3a9d91aa438e9b179a805dd1a1c92d

  • SSDEEP

    1536:9MV55AlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9QtW6ta9/k1Va:WV55AtWDDILJLovbicqOq3o+nw9/J

Targets

    • Target

      79de67f43715e37caee15c1cc1b12a8456db2e72eab9c0131ce3a79f6fcf7f78N

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
