General

  • Target

    98724722ff6b8af816319e305401aea6f9ec8cf6ce332bb0a0e34734bca0f8c5N.exe

  • Size

    78KB

  • Sample

    241206-gs5x8szjgl

  • MD5

    82c8c5720f1c5886ae255297d5d65450

  • SHA1

    170fe35f4931919dcc1f38fbb30561cf8d723fee

  • SHA256

    98724722ff6b8af816319e305401aea6f9ec8cf6ce332bb0a0e34734bca0f8c5

  • SHA512

    eda89ef3e98f38bc1527d89c1c752fd9d742e59a06006e3c28e11461a88b461049f0b4ea6d8d9080aaee61cc6bdd212f6fcbc640c2b1d0aa93f5a2f00a37cbfe

  • SSDEEP

    1536:me5jJLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6x9/F1sp:me5jhE2EwR4uY41HyvYJ9/4

Targets

    • Target

      98724722ff6b8af816319e305401aea6f9ec8cf6ce332bb0a0e34734bca0f8c5N.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
