Overview

overview

10

Static

static

3

4284e008ce...75.exe

windows7-x64

10

4284e008ce...75.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4284e008cefe03ca70bb547b4c52592b3970996308a6462500c8fbaffe378275.exe

  • Size

    78KB

  • Sample

    241127-wrlkjatraz

  • MD5

    7fcb227cf50a8a6d141a28f5baf6857b

  • SHA1

    bbaeca896472b6a7d1e67a545e9b537ff522fd97

  • SHA256

    4284e008cefe03ca70bb547b4c52592b3970996308a6462500c8fbaffe378275

  • SHA512

    70301203754303b20ae3765be57c98cae6c15389e566ed6187df71bb3ce600ea74cb6d015dfbba57caa6e21c2b7a6e2704e42a120fab06ab6cbcdbae90a51328

  • SSDEEP

    1536:iV58MLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6N9/u1L08:iV586E2EwR4uY41HyvYl9/f8

Score
10/10
metamorpherratdiscoverypersistenceratstealertrojan

Malware Config

Targets

    • Target

      4284e008cefe03ca70bb547b4c52592b3970996308a6462500c8fbaffe378275.exe

    • Size

      78KB

    • MD5

      7fcb227cf50a8a6d141a28f5baf6857b

    • SHA1

      bbaeca896472b6a7d1e67a545e9b537ff522fd97

    • SHA256

      4284e008cefe03ca70bb547b4c52592b3970996308a6462500c8fbaffe378275

    • SHA512

      70301203754303b20ae3765be57c98cae6c15389e566ed6187df71bb3ce600ea74cb6d015dfbba57caa6e21c2b7a6e2704e42a120fab06ab6cbcdbae90a51328

    • SSDEEP

      1536:iV58MLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6N9/u1L08:iV586E2EwR4uY41HyvYl9/f8

    Score
    10/10
    metamorpherratdiscoverypersistenceratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Metamorpherrat family

      metamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks