General

  • Target

    d49c59859d9781d9e2cb3fea98b0545db19de3bb10816becae015a67686adedc.exe

  • Size

    78KB

  • Sample

    241204-hkzxpawnhv

  • MD5

    7afe3e8926bce1c2bc8a5b17ab2694a4

  • SHA1

    71e7cb335cbf7285da9153aaa019417522240c75

  • SHA256

    d49c59859d9781d9e2cb3fea98b0545db19de3bb10816becae015a67686adedc

  • SHA512

    c52202fed5e14f32745fa2a21d3f4a480347203dc4dc10dc47d03874d5a27ddc4e74a5cc997cc7723588b5461bdb499768b9eefc96102491e4a42564a146b448

  • SSDEEP

    1536:CsHHuaJtVpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQtkB9//1CYE:CsH/3DJywQjDgTLopLwdCFJzkB9/dE

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
