General
-
Target
45ec0efdf4e0bcf89bc4862a0ed16c1c1c668c62d35c6494c95eb973eb505ebd.exe
-
Size
78KB
-
Sample
241202-e2tkfsvmeq
-
MD5
d4013599520de9c8b1ae67d9abaee087
-
SHA1
73e8c0b7b6f71cdc8c52b0d19904b3ca2d61e583
-
SHA256
45ec0efdf4e0bcf89bc4862a0ed16c1c1c668c62d35c6494c95eb973eb505ebd
-
SHA512
2b384517313bb0fd28eb876290f5d9e02bad92eb86ea3ed3de7c023a94d05ea248643847408072528d5fe46d6c2323d0e0e12c3b8c4833b4e681a2cb56bd579f
-
SSDEEP
1536:RsHHuaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtj9/f1GC2:RsH/3DJywQjDgTLopLwdCFJzj9/T2
Malware Config
Targets
-
-
Target
45ec0efdf4e0bcf89bc4862a0ed16c1c1c668c62d35c6494c95eb973eb505ebd.exe
-
Size
78KB
-
MD5
d4013599520de9c8b1ae67d9abaee087
-
SHA1
73e8c0b7b6f71cdc8c52b0d19904b3ca2d61e583
-
SHA256
45ec0efdf4e0bcf89bc4862a0ed16c1c1c668c62d35c6494c95eb973eb505ebd
-
SHA512
2b384517313bb0fd28eb876290f5d9e02bad92eb86ea3ed3de7c023a94d05ea248643847408072528d5fe46d6c2323d0e0e12c3b8c4833b4e681a2cb56bd579f
-
SSDEEP
1536:RsHHuaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtj9/f1GC2:RsH/3DJywQjDgTLopLwdCFJzj9/T2
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-