General

  • Target

    ab370fd7f737e21fe302835517dca661e835a20ff42367e7e7a840bde6378b97N.exe

  • Size

    78KB

  • Sample

    241202-x3kytaykht

  • MD5

    88aae9275870cab6b6f3ad4ca7903be0

  • SHA1

    9239596a234d770cb96047d5fa95e85cbd029711

  • SHA256

    ab370fd7f737e21fe302835517dca661e835a20ff42367e7e7a840bde6378b97

  • SHA512

    859ca9dc2b071d0e5e823087c23968af4dcd91d1ff386577d043b3948986f03c6e292b67887afa901354679348b59e6942a8da9b30b601281a570cad59635399

  • SSDEEP

    1536:C4V5jULT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtt6Vs9/e1Wp:C4V5jiE2EwR4uY41HyvY+s9/B

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
