General

  • Target

    3cb69feb673453fff02ad4fa6c49a87052408a50740d7ae031e539fdad2f8099.exe

  • Size

    78KB

  • Sample

    241114-eykhdavblg

  • MD5

    1f11a1453b73145b7a2ac0a60d2f7fc3

  • SHA1

    543c2de427870b9cf0d199c821c0f6dd9c9522ec

  • SHA256

    3cb69feb673453fff02ad4fa6c49a87052408a50740d7ae031e539fdad2f8099

  • SHA512

    250af54f6129ce74d211a72150297b29b147f4841b6dabfd92a19a97cf623e51961c5fc29f7f49786a435c50f77a42a6e55a230c941771696e3228e1b3922c29

  • SSDEEP

    1536:Je5jSgpJywt04wbje37TazckwzW4UfSqRovPtoY0BQtC6R9/nb1iHn:Je5jSeJywQj2TLo4UJuXHhZ9/nmn

Malware Config

Targets

    • Target

      3cb69feb673453fff02ad4fa6c49a87052408a50740d7ae031e539fdad2f8099.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Enterprise v15

Tasks