General

  • Target

    4d3496533ed3fc48b46bc0e544bdec26037090cccbf0473f5b53d0e6ccdd5e25N.exe

  • Size

    78KB

  • Sample

    241129-qk5ryaxmez

  • MD5

    3582cd6030e1db8dd72f768906e2f130

  • SHA1

    fb55fc2001e1264e1fb7eb75148d965e705966c6

  • SHA256

    4d3496533ed3fc48b46bc0e544bdec26037090cccbf0473f5b53d0e6ccdd5e25

  • SHA512

    3b38dff43364649f5d3af5d85c1f2205b947065c33621dc36d10311071822307636fca712abe1b90d7272097eda17e1bd99cf348b4a9d627edfe5158382a0bea

  • SSDEEP

    1536:XHFo6uaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtLu9/P1Ab:XHFoI3DJywQjDgTLopLwdCFJzLu9/Q

Malware Config

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Enterprise v15

Tasks