General

  • Target

    2f03b48d9a284dd6560be825b965f8393cb8d5e5bb3bd6a860d4a28be9709623

  • Size

    78KB

  • Sample

    241109-zq8kfs1mhv

  • MD5

    4adfd680023da3bf0963cb67d056a4c8

  • SHA1

    8ba966cef1c6714a4f82cd2039438e56051631f2

  • SHA256

    2f03b48d9a284dd6560be825b965f8393cb8d5e5bb3bd6a860d4a28be9709623

  • SHA512

    fdc61c575eddac41a79dbeb6af0e2b22dc68f8016da18dcde4462dad4e0ba955f60d8091cfebdb64806c70c27f3ddcb45df00d660c588eb7dd252f2dbc88876d

  • SSDEEP

    1536:kc5jSwXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtC67O9/e1Vi:kc5jSoSyRxvY3md+dWWZyjO9//

Malware Config

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks