metamorpherrat | 65e26c028e2fc8195573c4a1e27469ede9bc3d37ee6720c619dd19b857754df0 | Triage

Sharing

General

Target

03109a8f0dd82913b5735c298fe4c3045a981e8c8b7620e1e02bc26b4e9f23e0N.exe
Size

78KB
Sample

241114-fq8exatrav
MD5

2a433f26e2071e9959eafa90ee2836c9
SHA1

140e058d784bdc39ed3da222299dde870947a9f9
SHA256

65e26c028e2fc8195573c4a1e27469ede9bc3d37ee6720c619dd19b857754df0
SHA512

c2a7e0b19b38b6da0a36cb7fcc06a95956a33fa355a7da97bcc74138e5bcec1e1435edda023ba510a00beb0b7ef89d3ae8c39c764291914be46dc434e9060c60
SSDEEP

1536:Qy5xpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtd6z9/m1oxi:Qy5HJywQjDgTLopLwdCFJz49/Xi

Score

10^/10

metamorpherrat discovery rat stealer trojan

Malware Config

Targets

- Target
  
  03109a8f0dd82913b5735c298fe4c3045a981e8c8b7620e1e02bc26b4e9f23e0N.exe
- Size
  
  78KB
- MD5
  
  2a433f26e2071e9959eafa90ee2836c9
- SHA1
  
  140e058d784bdc39ed3da222299dde870947a9f9
- SHA256
  
  65e26c028e2fc8195573c4a1e27469ede9bc3d37ee6720c619dd19b857754df0
- SHA512
  
  c2a7e0b19b38b6da0a36cb7fcc06a95956a33fa355a7da97bcc74138e5bcec1e1435edda023ba510a00beb0b7ef89d3ae8c39c764291914be46dc434e9060c60
- SSDEEP
  
  1536:Qy5xpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtd6z9/m1oxi:Qy5HJywQjDgTLopLwdCFJz49/Xi
Score

10^/10

metamorpherrat discovery rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Metamorpherrat family
  metamorpherrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratdiscoveryratstealertrojan

behavioral2

metamorpherratdiscoveryratstealertrojan