General

  • Target

    06aeb2b64f9e0519d32e318ef55190e55a91ff86c2a610959cb1f20a3255978f.exe

  • Size

    78KB

  • Sample

    241206-adygaayrfw

  • MD5

    4623746f0d9f743321ec82e4a1742914

  • SHA1

    80cf2a15c3ec339c7d0433b19050a5a8fefdeed9

  • SHA256

    06aeb2b64f9e0519d32e318ef55190e55a91ff86c2a610959cb1f20a3255978f

  • SHA512

    ec226481090820f09123698bd7bc20bb869611312341f5c04d2f47160a88b7f20e1cfb9c87a007f06ff5eb76804e9dd5008dc077b3e1166ae899f945fbe2b414

  • SSDEEP

    1536:HHY6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQten9/G+1M9h:HHYnhASyRxvhTzXPvCbW2Uen9/Gh

Targets

    • Target

      06aeb2b64f9e0519d32e318ef55190e55a91ff86c2a610959cb1f20a3255978f.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
