General

  • Target

    3ec902b68d394c037bc79aa4b19fa1fdff03eb4172ef078f61203f4ca3b35acd

  • Size

    78KB

  • Sample

    241127-1pq5fssjgs

  • MD5

    5f0c86b976c87080308f6fc2d3ebe4c8

  • SHA1

    5da80f5e8899e3fed0e77abf18c3a113815d356c

  • SHA256

    3ec902b68d394c037bc79aa4b19fa1fdff03eb4172ef078f61203f4ca3b35acd

  • SHA512

    cb99ca70a12a446407bb18665660262d006eecc8e2081385213e25aa12b98288a6b9327eedba4136fd164e52ccff8f151c86e67bb0f1477d862b864f1996cfeb

  • SSDEEP

    1536:QhHFo6uaJtZAlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qt89/4L1+:8HFoI3ZAtWDDILJLovbicqOq3o+n89/J

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • MetamorpherRAT family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
