General
-
Target
38d1e61855767b0e32333d29b1a5795ba56366436b416fbd52860290b328fb17.exe
-
Size
78KB
-
Sample
241217-raf69s1kft
-
MD5
197c0bad190134f5a490c9c2a8693ae5
-
SHA1
51772c9dbc86bdb98944649dda3731d0a4e62156
-
SHA256
38d1e61855767b0e32333d29b1a5795ba56366436b416fbd52860290b328fb17
-
SHA512
493ef8a5ba7166c0fd906b99bdc0ec87c58ba29ae027c437feafcaf05c3ca6d846a5fb5bb0c4fa147f5950311d52429e984b8a320dc47c93684f0f0368a1c6ae
-
SSDEEP
1536:UPy5jS6vZv0kH9gDDtWzYCnJPeoYrGQt96g9/qT1y+g:UPy5jS6l0Y9MDYrm7f9/qXg
Malware Config
Targets
-
-
Target
38d1e61855767b0e32333d29b1a5795ba56366436b416fbd52860290b328fb17.exe
-
Size
78KB
-
MD5
197c0bad190134f5a490c9c2a8693ae5
-
SHA1
51772c9dbc86bdb98944649dda3731d0a4e62156
-
SHA256
38d1e61855767b0e32333d29b1a5795ba56366436b416fbd52860290b328fb17
-
SHA512
493ef8a5ba7166c0fd906b99bdc0ec87c58ba29ae027c437feafcaf05c3ca6d846a5fb5bb0c4fa147f5950311d52429e984b8a320dc47c93684f0f0368a1c6ae
-
SSDEEP
1536:UPy5jS6vZv0kH9gDDtWzYCnJPeoYrGQt96g9/qT1y+g:UPy5jS6l0Y9MDYrm7f9/qXg
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-