General
-
Target
aaed7416e90a9e7cc08334487a15e1b6_JaffaCakes118
-
Size
78KB
-
Sample
241128-eqqdnavmc1
-
MD5
aaed7416e90a9e7cc08334487a15e1b6
-
SHA1
412492bd959935e04c4fb9d4830ee32015547c60
-
SHA256
468024aed17f32d77ea008e438962a17808683728da5dfc2418985a0d487cbd3
-
SHA512
f45a820c7e95d54cf41ae5757370245a5d8b329a3d5fcdc13c3bcdd57a24eaf39a4bb86c16a50205bce930603ac3fd1c3ac6e2d033624c73f38810aba5529142
-
SSDEEP
1536:TCHY6rdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtV9/Q1hZ:TCHY8dSE2EwR4uY41HyvYV9/q
Static task
static1
Behavioral task
behavioral1
Sample
aaed7416e90a9e7cc08334487a15e1b6_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
aaed7416e90a9e7cc08334487a15e1b6_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
aaed7416e90a9e7cc08334487a15e1b6_JaffaCakes118
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-