General
-
Target
89ce79c4ddb6d9f7177bddd4888d8b65c380a66f8dc1ce7805cf6c23aa1855da.exe
-
Size
78KB
-
Sample
241205-nva9zasqfx
-
MD5
fe728f00f45d82a7f0d5494a3e34699b
-
SHA1
44eb0c478edb1c0f1faacea0843f0481ba3a39cf
-
SHA256
89ce79c4ddb6d9f7177bddd4888d8b65c380a66f8dc1ce7805cf6c23aa1855da
-
SHA512
031d752ab87c8910c9064cb950f114fb253099e514a1d18b165f5d59e2bf8a39f798a1e1399bd086a68b1751c742510cdd0f4c7841ae67c644da16697277e008
-
SSDEEP
1536:nRWtHF3rdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtLM9/R45:nRWtHFbdSE2EwR4uY41HyvYLM9/up
Static task
static1
Behavioral task
behavioral1
Sample
89ce79c4ddb6d9f7177bddd4888d8b65c380a66f8dc1ce7805cf6c23aa1855da.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
89ce79c4ddb6d9f7177bddd4888d8b65c380a66f8dc1ce7805cf6c23aa1855da.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
89ce79c4ddb6d9f7177bddd4888d8b65c380a66f8dc1ce7805cf6c23aa1855da.exe
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-