General

  • Target

    6be68aa963e0002cf776c791b2fb5386c81d5c2d0f074b6688759bab02461586.exe

  • Size

    78KB

  • Sample

    241211-btevjstlfr

  • MD5

    2d1040cbb7d90db8d32d9e9d98cfe41c

  • SHA1

    b20f3369032316407495a6e6a032033549417a48

  • SHA256

    6be68aa963e0002cf776c791b2fb5386c81d5c2d0f074b6688759bab02461586

  • SHA512

    29326b444beef438e5923e5c4750e14f71112a43340d340c74bec258e29ce598e4dc20cf93c5a2b893bad940b645e8221df7f9557267013c9e383ac9a68caa90

  • SSDEEP

    1536:VVe55AlGmWw644txVILJtcfJuovFdPKmNqOqD70Gou2P2oYe9Qtd6TS9/D14qU:3e55AtWDDILJLovbicqOq3o+nh9/5U

Malware Config

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks