General
-
Target
01b551c4acceda6651f2c8f21a618fa57c6acd3342c33be303b2d28cfba9af3cN.exe
-
Size
78KB
-
Sample
241205-dj4r2a1ngp
-
MD5
667d8b4cf55d8d417133c482d5c12860
-
SHA1
3388e21f716a6f84f7f4bd6f49416d5e135a674a
-
SHA256
01b551c4acceda6651f2c8f21a618fa57c6acd3342c33be303b2d28cfba9af3c
-
SHA512
fa9f6fc65101dca760ea21a63abd94b0158654d939c1e833c6b44acf4d2e31ae8c4ffe67a27395b93ccdeeb8d17f62dc2d552f1d91b2e8eecb271f95afb3c927
-
SSDEEP
1536:nRWtHF3rdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtLM9/R4X:nRWtHFbdSE2EwR4uY41HyvYLM9/u
Malware Config
Targets
-
-
Target
01b551c4acceda6651f2c8f21a618fa57c6acd3342c33be303b2d28cfba9af3cN.exe
-
Size
78KB
-
MD5
667d8b4cf55d8d417133c482d5c12860
-
SHA1
3388e21f716a6f84f7f4bd6f49416d5e135a674a
-
SHA256
01b551c4acceda6651f2c8f21a618fa57c6acd3342c33be303b2d28cfba9af3c
-
SHA512
fa9f6fc65101dca760ea21a63abd94b0158654d939c1e833c6b44acf4d2e31ae8c4ffe67a27395b93ccdeeb8d17f62dc2d552f1d91b2e8eecb271f95afb3c927
-
SSDEEP
1536:nRWtHF3rdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtLM9/R4X:nRWtHFbdSE2EwR4uY41HyvYLM9/u
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-