General
-
Target
fd8ed11ffd5b198863d70e987ee098f3_JaffaCakes118
-
Size
78KB
-
Sample
241218-3kyd3swrgz
-
MD5
fd8ed11ffd5b198863d70e987ee098f3
-
SHA1
9a05d00c002e5b1c995071ad133fbb356eb5b032
-
SHA256
a566cbc819cf43d5877c692be055651d70e8c4bcd495d0a3031d60f0cebe332f
-
SHA512
e6475188467a12f100274066500f196454610782cb1b3543fd976d6ceac73113dce9880f96ec290935ec9b8928ac14d0b2a5e4676c863c11b711d96e0b4b6110
-
SSDEEP
1536:tPy5jSgpJywt04wbje37TazckwzW4UfSqRovPtoY0BQtC6B9/bmJ10Y:tPy5jSeJywQj2TLo4UJuXHhp9/aR
Static task
static1
Behavioral task
behavioral1
Sample
fd8ed11ffd5b198863d70e987ee098f3_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
fd8ed11ffd5b198863d70e987ee098f3_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
fd8ed11ffd5b198863d70e987ee098f3_JaffaCakes118
-
Score
10/10
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-