Overview

overview

10

Static

static

3

3a6866c3f0...13.exe

windows7-x64

10

3a6866c3f0...13.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3a6866c3f0249aba64ca0b28c341df77570acd7f77e6bef3394a62f9c41f9113.exe

  • Size

    78KB

  • Sample

    241210-2qfksaxrhj

  • MD5

    8477647e4679c817f80c33e6c46c644d

  • SHA1

    83788c6ab2613c0177e4c8a8a05326379699ca64

  • SHA256

    3a6866c3f0249aba64ca0b28c341df77570acd7f77e6bef3394a62f9c41f9113

  • SHA512

    ac4ea5359f0b7328a537e4730d0bff79529a886a5baa49f9d71d44ef0b14db6ed755b4ee1f6f4c2392be20749263ef2647d9752ff59d22465cfabcbc734545ab

  • SSDEEP

    1536:l+5jSNpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQti67Y9/PC1awk:I5jS7JywQjDgTLopLwdCFJzDY9/Ek

Score
10/10
metamorpherratdiscoveryratstealertrojan

Malware Config

Targets

    • Target

      3a6866c3f0249aba64ca0b28c341df77570acd7f77e6bef3394a62f9c41f9113.exe

    • Size

      78KB

    • MD5

      8477647e4679c817f80c33e6c46c644d

    • SHA1

      83788c6ab2613c0177e4c8a8a05326379699ca64

    • SHA256

      3a6866c3f0249aba64ca0b28c341df77570acd7f77e6bef3394a62f9c41f9113

    • SHA512

      ac4ea5359f0b7328a537e4730d0bff79529a886a5baa49f9d71d44ef0b14db6ed755b4ee1f6f4c2392be20749263ef2647d9752ff59d22465cfabcbc734545ab

    • SSDEEP

      1536:l+5jSNpJywt04wbje3IgTazcoOEEQLwdCRoaeuProYMHQti67Y9/PC1awk:I5jS7JywQjDgTLopLwdCFJzDY9/Ek

    Score
    10/10
    metamorpherratdiscoveryratstealertrojan

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

      trojanratstealermetamorpherrat

    • Metamorpherrat family

      metamorpherrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks