Overview

overview

10

Static

static

3

03109a8f0d...0N.exe

windows7-x64

10

03109a8f0d...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03109a8f0dd82913b5735c298fe4c3045a981e8c8b7620e1e02bc26b4e9f23e0N

  • Size

    78KB

  • Sample

    241111-cwzs6szhmr

  • MD5

    3c45405aa914a6f3b5fc9b7ca48701a0

  • SHA1

    375daa058d89e5fcf72f55bc2f05b4e267dabebe

  • SHA256

    03109a8f0dd82913b5735c298fe4c3045a981e8c8b7620e1e02bc26b4e9f23e0

  • SHA512

    83eea3a03004ebf292859ca86729767b966aec648f61b12031a772a76f2fb403fa47f988ff2a1d1480a174f39d93417b703a0a22bc57f606a1aef43b14c93307

  • SSDEEP

    1536:Qy5xpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtd6z9/m1ox:Qy5HJywQjDgTLopLwdCFJz49/X

Score
10/10
metamorpherratdiscoveryratstealertrojan

Malware Config

Targets

    • Target

      03109a8f0dd82913b5735c298fe4c3045a981e8c8b7620e1e02bc26b4e9f23e0N

    • Size

      78KB

    • MD5

      3c45405aa914a6f3b5fc9b7ca48701a0

    • SHA1

      375daa058d89e5fcf72f55bc2f05b4e267dabebe

    • SHA256

      03109a8f0dd82913b5735c298fe4c3045a981e8c8b7620e1e02bc26b4e9f23e0

    • SHA512

      83eea3a03004ebf292859ca86729767b966aec648f61b12031a772a76f2fb403fa47f988ff2a1d1480a174f39d93417b703a0a22bc57f606a1aef43b14c93307

    • SSDEEP

      1536:Qy5xpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtd6z9/m1ox:Qy5HJywQjDgTLopLwdCFJz49/X

    Score
    10/10
    metamorpherratdiscoveryratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Metamorpherrat family

      metamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks