General

  • Target

    0905ff803421f08a1335498881470ad6a1ea1447bb7afc1bf218ce82b87128db

  • Size

    78KB

  • Sample

    241210-x8bx4avrbx

  • MD5

    cbe97fc8b41dd3ecda90e85e50ab50f1

  • SHA1

    74475a0463f49669371342eb3f519c1910b5fe3e

  • SHA256

    0905ff803421f08a1335498881470ad6a1ea1447bb7afc1bf218ce82b87128db

  • SHA512

    85d4fd9ea269d4b4d01064b49fcdefd93855bdf99ea683331ed656c757082e55f4a2348b7358da86b1bc420e069aaf7c422bbf0743c0fe529b92bd86d7c33820

  • SSDEEP

    1536:eWtHFo6M7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQteM9/f1LR:eWtHFonhASyRxvhTzXPvCbW2UeM9/f

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
