General
-
Target
1275704c6fcb4f3c5a7debd7059fb0744b9ab5d95f0a408e7f47b844e3cdb5f0N.exe
-
Size
78KB
-
Sample
241205-npm2ksynak
-
MD5
7b4b36ee8b8dc68f31653e1b914cd9c0
-
SHA1
2b20f69b37060b272e4374661deeba18b17bd7b0
-
SHA256
1275704c6fcb4f3c5a7debd7059fb0744b9ab5d95f0a408e7f47b844e3cdb5f0
-
SHA512
31eb2bbcef6f4dc8e128ad4c57fd9f809b727c50bda05e9d8d010ce98a425e4e45327648a2b3681c695f4827b9dcaf7ede5a356dcd86cdbf0dc076e7c9fea299
-
SSDEEP
1536:/y5jIXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtC6m9/q1tV:/y5jQSyRxvhTzXPvCbW2UO9/0
Static task
static1
Behavioral task
behavioral1
Sample
1275704c6fcb4f3c5a7debd7059fb0744b9ab5d95f0a408e7f47b844e3cdb5f0N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1275704c6fcb4f3c5a7debd7059fb0744b9ab5d95f0a408e7f47b844e3cdb5f0N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
1275704c6fcb4f3c5a7debd7059fb0744b9ab5d95f0a408e7f47b844e3cdb5f0N.exe
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-