General
-
Target
ce3710a084862b2fd882c9998fb85287da770adb7cb6371f48bbff3cfba5e13bN.exe
-
Size
78KB
-
Sample
241127-dxrdvs1nek
-
MD5
d052551deb4793729f074eb4adfb1e40
-
SHA1
d3a77e4f972ecf85f010847a862000460b021532
-
SHA256
ce3710a084862b2fd882c9998fb85287da770adb7cb6371f48bbff3cfba5e13b
-
SHA512
01a36a3e80a715fb2069a6e27e8c195e788b740025ea6fcbdeadecc3473e541193b4a54507960bf42ddeda67c968cd1a041d1a2836cb413f3ca4d25f26da3a2a
-
SSDEEP
1536:iV58MLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6N9/u1L0:iV586E2EwR4uY41HyvYl9/f
Malware Config
Targets
-
-
Target
ce3710a084862b2fd882c9998fb85287da770adb7cb6371f48bbff3cfba5e13bN.exe
-
Size
78KB
-
MD5
d052551deb4793729f074eb4adfb1e40
-
SHA1
d3a77e4f972ecf85f010847a862000460b021532
-
SHA256
ce3710a084862b2fd882c9998fb85287da770adb7cb6371f48bbff3cfba5e13b
-
SHA512
01a36a3e80a715fb2069a6e27e8c195e788b740025ea6fcbdeadecc3473e541193b4a54507960bf42ddeda67c968cd1a041d1a2836cb413f3ca4d25f26da3a2a
-
SSDEEP
1536:iV58MLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6N9/u1L0:iV586E2EwR4uY41HyvYl9/f
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-