General

  • Target

    d3bb75386117779fa5b12555fe04212c4ed6920e8a2dae5af27e4ebcbba6fcc8

  • Size

    78KB

  • Sample

    241121-kv4pqsvndq

  • MD5

    12d67b325bddf3008d6a2bbec29d76d4

  • SHA1

    45b0bdace068df0c2e09da72f0159d0b56b1dcc1

  • SHA256

    d3bb75386117779fa5b12555fe04212c4ed6920e8a2dae5af27e4ebcbba6fcc8

  • SHA512

    c495859022f6bccea7d6c181383b189308cd064e20fec06ac0a125cc67936868b2bc796d51c52a16030427dc8ee24e9f2bff8f51146de51eb02e144dc775771d

  • SSDEEP

    1536:LCHFo6uaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtG9/E1dV:LCHFoI3DJywQjDgTLopLwdCFJzG9/q

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
