General

  • Target

    cd8025c4845fe6d05e681a6bb668efe97ddd1899d23d5ad378080c6e2b202a94N

  • Size

    78KB

  • Sample

    241109-gkkmbsygpa

  • MD5

    ca7583847cf90a0434f961c3951d08b0

  • SHA1

    d639286f4cc2cd8ac5c8d484519ee803f0983699

  • SHA256

    cd8025c4845fe6d05e681a6bb668efe97ddd1899d23d5ad378080c6e2b202a94

  • SHA512

    7c102cb7ace48ba871ccb3daea3a720bba98930aa73140c2cec1ef3c76ee706c98655b73c8e22d88c058e8f7af0996f3c8e81ef78dc20157d13ae52f65ebf847

  • SSDEEP

    1536:bCHF3JIfpJywt04wbje37TazckwzW4UfSqRovPtoY0BQt1t9/0H1ow:bCHF5IhJywQj2TLo4UJuXHh1t9/s

Targets

    • Target

      cd8025c4845fe6d05e681a6bb668efe97ddd1899d23d5ad378080c6e2b202a94N

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
