Overview

overview

10

Static

static

3

9086750bfc...18.exe

windows7-x64

7

9086750bfc...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9086750bfcb440650c84a14318bed8ec_JaffaCakes118

  • Size

    78KB

  • Sample

    241123-zd2alsvngx

  • MD5

    9086750bfcb440650c84a14318bed8ec

  • SHA1

    35f92ecf8be5cea46c8cef95432b3d851fc116db

  • SHA256

    9b130f05c990d4db0ac3d873b1f5d53e06657db2adb18592019c60079ce826ef

  • SHA512

    a8eb7b8c66c27de41106be7e6f194363b2d696b0f4f478db8d357573dc8e13105de5b4e336dbce75c5a683a2805f1ab30cfb29dddd53d5b0807eb7ea353497b2

  • SSDEEP

    1536:xPWtHFo6uaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtG9/H1os:xPWtHFoI3DJywQjDgTLopLwdCFJzG9/f

Score
10/10
metamorpherratdiscoveryratstealertrojan

Malware Config

Targets

    • Target

      9086750bfcb440650c84a14318bed8ec_JaffaCakes118

    • Size

      78KB

    • MD5

      9086750bfcb440650c84a14318bed8ec

    • SHA1

      35f92ecf8be5cea46c8cef95432b3d851fc116db

    • SHA256

      9b130f05c990d4db0ac3d873b1f5d53e06657db2adb18592019c60079ce826ef

    • SHA512

      a8eb7b8c66c27de41106be7e6f194363b2d696b0f4f478db8d357573dc8e13105de5b4e336dbce75c5a683a2805f1ab30cfb29dddd53d5b0807eb7ea353497b2

    • SSDEEP

      1536:xPWtHFo6uaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtG9/H1os:xPWtHFoI3DJywQjDgTLopLwdCFJzG9/f

    Score
    10/10
    discoverymetamorpherratratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Metamorpherrat family

      metamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks