General

  • Target

    8f107893b9c1dfc6d089d51fe2c384c6789214a3bda87b1f6a710177a0faaaebN.exe

  • Size

    78KB

  • Sample

    241124-tyy34avjan

  • MD5

    fbaeb298a868ea3384010e805d3e4130

  • SHA1

    1376a5e582e6d256f7d9f1243bffb84bed14cd5a

  • SHA256

    8f107893b9c1dfc6d089d51fe2c384c6789214a3bda87b1f6a710177a0faaaeb

  • SHA512

    86d72b1c5b60f8ab6cb19092180e4945ba75334d1c8b91132d809933412fb5c3286ac88a7bb541b36372e39c89638c7c9d23a8a0533240bc8b71f76eecbd837b

  • SSDEEP

    1536:LCHY6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtB9/G1dJ:LCHYn3xSyRxvY3md+dWWZyB9/U

Targets

    • Target

      8f107893b9c1dfc6d089d51fe2c384c6789214a3bda87b1f6a710177a0faaaebN.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
