General
-
Target
baf18f78f03db13b7fad06a05db07ce5691519036301628b3b14e06d715688f2N.exe
-
Size
78KB
-
Sample
241210-3t7dcazpcl
-
MD5
f752323728897be495c894534e97b790
-
SHA1
874abe97444f7e4cb9500f726232b3c6be9b907a
-
SHA256
baf18f78f03db13b7fad06a05db07ce5691519036301628b3b14e06d715688f2
-
SHA512
8e9474fb201eef6723f46e8b8a206e9b2757e981cfba5d9bc0701697be67f6abe8bd3c2a00049440002e97ae1b87aa2b45966849fde93042fecc21407127047f
-
SSDEEP
1536:VVe55AlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qtd6TS9/D14q:3e55AtWDDILJLovbicqOq3o+nh9/5
Static task
static1
Behavioral task
behavioral1
Sample
baf18f78f03db13b7fad06a05db07ce5691519036301628b3b14e06d715688f2N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
baf18f78f03db13b7fad06a05db07ce5691519036301628b3b14e06d715688f2N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
baf18f78f03db13b7fad06a05db07ce5691519036301628b3b14e06d715688f2N.exe
-
Size
78KB
-
MD5
f752323728897be495c894534e97b790
-
SHA1
874abe97444f7e4cb9500f726232b3c6be9b907a
-
SHA256
baf18f78f03db13b7fad06a05db07ce5691519036301628b3b14e06d715688f2
-
SHA512
8e9474fb201eef6723f46e8b8a206e9b2757e981cfba5d9bc0701697be67f6abe8bd3c2a00049440002e97ae1b87aa2b45966849fde93042fecc21407127047f
-
SSDEEP
1536:VVe55AlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qtd6TS9/D14q:3e55AtWDDILJLovbicqOq3o+nh9/5
-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-