General

  • Target

    30c09acd90a54ebb70b0fa1527505cc1244f01fbe375c30530d735b615b65446N

  • Size

    78KB

  • Sample

    241110-ngmqvayngl

  • MD5

    6be5e5906618788662adfbf58bdd0000

  • SHA1

    d762a690b3ea3ba01c17b743186f594a3f35c550

  • SHA256

    30c09acd90a54ebb70b0fa1527505cc1244f01fbe375c30530d735b615b65446

  • SHA512

    f817ebd11a868fe31518836a24bac2a3f28462bfafba71a63376ba2795883aaded654f1c790e71a905ca4cb32a232662241e4f5bdd7f40219bfd1d699f006c8c

  • SSDEEP

    1536:WHY6uaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtt9/W81mO:WHYI3DJywQjDgTLopLwdCFJzt9/v

Targets

    • Target

      30c09acd90a54ebb70b0fa1527505cc1244f01fbe375c30530d735b615b65446N

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
