General

  • Target

    544ae03c2f06632190a241de0563810b236ac92e73a745442e18d1515bb63171N.exe

  • Size

    78KB

  • Sample

    241126-26znla1mfq

  • MD5

    ac7c9242beb4b5ad46d33f463daf6bd0

  • SHA1

    a2265ce21eb23f1dddae7641e778b279ca3a7e37

  • SHA256

    544ae03c2f06632190a241de0563810b236ac92e73a745442e18d1515bb63171

  • SHA512

    9ebb3e37b9087a73352f3b648a52b43dcdebe082cd429a5c1de5168c4d9f203356a1825dad0548de54d1ec63e2e2af9485b7d83c1e4b21cc07dc1776d6ea39ff

  • SSDEEP

    1536:svy5lAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9QtS639/S1PK:4y5lAtWDDILJLovbicqOq3o+nP9/p

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
