General

  • Target

    f13339a7bd320b253086d507c6bb7e7c5bdb7884d1fb4623a72d40f1d13f0377N

  • Size

    78KB

  • Sample

    241108-aqws8a1ekb

  • MD5

    a4d8dfa944c2bcea6717f71dc5da13c0

  • SHA1

    2cbb021cc24b464aec32d60053651bc0d8141627

  • SHA256

    f13339a7bd320b253086d507c6bb7e7c5bdb7884d1fb4623a72d40f1d13f0377

  • SHA512

    d14bb1a23e31ee6298c7746e5e3d77ad6a56bf9123c9f7dc67a14d13e3bf59cf8392fd48d4ed5eba688efc4437f4fac646188c465b9e55dbd6545b0f9e80ec41

  • SSDEEP

    1536:RPCHFo6uaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtM9/w1o3:RPCHFoI3DJywQjDgTLopLwdCFJzM9/P

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • MetamorpherRAT family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
