General

  • Target

    a37830fa1d3fda372105587593a43ed1bf0073bf9b9d8bd996f2a41fb6183954N.exe

  • Size

    78KB

  • Sample

    241124-mzj71asmcj

  • MD5

    6fd1d6408ef2c4b1fc75cb8ba9517110

  • SHA1

    a26a7ce37aa97802bd266304b5b74a0370bd48a4

  • SHA256

    a37830fa1d3fda372105587593a43ed1bf0073bf9b9d8bd996f2a41fb6183954

  • SHA512

    66f874efb594de7e3954ede98f71f1ce1889fd855f09a8deafeb621114bcc266480491d98925456bb721253273759c729b914019621e70d209cf500dcc11722d

  • SSDEEP

    1536:IvWV5jKpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtt6U9/T011h:+WV5jEJywQjDgTLopLwdCFJzL9/6

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
