General
-
Target
aafb5fff965f689734311b601f60ccdc_JaffaCakes118
-
Size
78KB
-
Sample
241128-e3ywka1qdj
-
MD5
aafb5fff965f689734311b601f60ccdc
-
SHA1
abd980f120d0648643f6e969ae496003f2d4ca6e
-
SHA256
9ce7322fb16fdc6a5f36681ee86f2e7921a37db56f4820f2f234d7404ece461b
-
SHA512
cc0a757890ddf38fa13566a0853b52b472662626dcbe33ef1978fc5f62d24934bdfc51c1af2e89a5898017bd544fdae6f70941b7e95b608f51200ba0b11c75c9
-
SSDEEP
1536:Py5jSmVdv5wyFppaVs+aYTCgtWzYXxxiMrBnP5oYZNQtC6th9/p1fg:Py5jSm/vqyA11XYUBxprBPjcT9/c
Malware Config
Targets
-
-
Target
aafb5fff965f689734311b601f60ccdc_JaffaCakes118
-
Size
78KB
-
MD5
aafb5fff965f689734311b601f60ccdc
-
SHA1
abd980f120d0648643f6e969ae496003f2d4ca6e
-
SHA256
9ce7322fb16fdc6a5f36681ee86f2e7921a37db56f4820f2f234d7404ece461b
-
SHA512
cc0a757890ddf38fa13566a0853b52b472662626dcbe33ef1978fc5f62d24934bdfc51c1af2e89a5898017bd544fdae6f70941b7e95b608f51200ba0b11c75c9
-
SSDEEP
1536:Py5jSmVdv5wyFppaVs+aYTCgtWzYXxxiMrBnP5oYZNQtC6th9/p1fg:Py5jSm/vqyA11XYUBxprBPjcT9/c
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-