General
-
Target
30049b078e062b1968c8a613b0f9187552950b231131bb763ffd6bc7348517c8N.exe
-
Size
78KB
-
Sample
241207-dsd8qssrh1
-
MD5
a48ccd22dd6942fc13e3dcf775542cb0
-
SHA1
f5e8deeb44d2f03b026344f55dee40458227fca9
-
SHA256
30049b078e062b1968c8a613b0f9187552950b231131bb763ffd6bc7348517c8
-
SHA512
c62a77b7408f643533c3173132d2f0981fef80ccf572a2434f7cbfc826d6ca5a51d55f14fa5c7c33f75514b4767f727cb8bab98787a617e38063dfcfc0cbe769
-
SSDEEP
1536:UPy5jS6vZv0kH9gDDtWzYCnJPeoYrGQt96g9/qT1y+:UPy5jS6l0Y9MDYrm7f9/qX
Malware Config
Targets
-
-
Target
30049b078e062b1968c8a613b0f9187552950b231131bb763ffd6bc7348517c8N.exe
-
Size
78KB
-
MD5
a48ccd22dd6942fc13e3dcf775542cb0
-
SHA1
f5e8deeb44d2f03b026344f55dee40458227fca9
-
SHA256
30049b078e062b1968c8a613b0f9187552950b231131bb763ffd6bc7348517c8
-
SHA512
c62a77b7408f643533c3173132d2f0981fef80ccf572a2434f7cbfc826d6ca5a51d55f14fa5c7c33f75514b4767f727cb8bab98787a617e38063dfcfc0cbe769
-
SSDEEP
1536:UPy5jS6vZv0kH9gDDtWzYCnJPeoYrGQt96g9/qT1y+:UPy5jS6l0Y9MDYrm7f9/qX
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-