General
-
Target
4f112b3cfe0291544cd34b83c02e76ce6bb47ab7fb7ae073ac8e0933000854b1.exe
-
Size
78KB
-
Sample
241203-qhsplasmbl
-
MD5
425ca0a0d0e9bcca9812b5f48a56c955
-
SHA1
721290757978f2fddd1b3cc6f5f200344a20b38e
-
SHA256
4f112b3cfe0291544cd34b83c02e76ce6bb47ab7fb7ae073ac8e0933000854b1
-
SHA512
c9f86663fb8f3a700ef3357b505c97eec17a0ae45235cf693f5a6378c44e4d2e47e896753e9000cae59587db36961d7addb5cda8ee6bc61b43d697683a09f0a3
-
SSDEEP
1536:SvWV58/pJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQti6d9/2K1Zgq:sWV58BJywQjDgTLopLwdCFJzF9/2Jq
Malware Config
Targets
-
-
Target
4f112b3cfe0291544cd34b83c02e76ce6bb47ab7fb7ae073ac8e0933000854b1.exe
-
Size
78KB
-
MD5
425ca0a0d0e9bcca9812b5f48a56c955
-
SHA1
721290757978f2fddd1b3cc6f5f200344a20b38e
-
SHA256
4f112b3cfe0291544cd34b83c02e76ce6bb47ab7fb7ae073ac8e0933000854b1
-
SHA512
c9f86663fb8f3a700ef3357b505c97eec17a0ae45235cf693f5a6378c44e4d2e47e896753e9000cae59587db36961d7addb5cda8ee6bc61b43d697683a09f0a3
-
SSDEEP
1536:SvWV58/pJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQti6d9/2K1Zgq:sWV58BJywQjDgTLopLwdCFJzF9/2Jq
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-