General

  • Target

    1c9258a0307f4a83355b08217d7074ec211a89b2fd70036d0552e1c6238fc858.exe

  • Size

    78KB

  • Sample

    241201-eabkkawkgv

  • MD5

    1febe87029e171a05962959110aedf67

  • SHA1

    402257db7a85b52cbd447e31e40fe84c57783194

  • SHA256

    1c9258a0307f4a83355b08217d7074ec211a89b2fd70036d0552e1c6238fc858

  • SHA512

    909f46b2acdcb9d27bdeea1d03e370dbf8ec9df606b4825dc367fd67380aeb4c67b395d159bc3329e3b9e929e422081a3ec02d0983b74eb3bced811d9a039068

  • SSDEEP

    1536:IvWV5jKpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtt6U9/T011hN:+WV5jEJywQjDgTLopLwdCFJzL9/6N

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
