General

  • Target

    a0285912de9fce2420a293c4267c673aea25e2ccb63f77724945a94f8f2fc984.exe

  • Size

    78KB

  • Sample

    241219-laltvsyket

  • MD5

    b4b4257cfea36713853a7b0c4a3d1c81

  • SHA1

    4cf4d54573163b978bcaf82709ca06e925de3adf

  • SHA256

    a0285912de9fce2420a293c4267c673aea25e2ccb63f77724945a94f8f2fc984

  • SHA512

    1af741d593130d07e8b21839d353c90fe4afc42018ebd60bf464b18fefde2e4563f697c10d7f77dcaa12880e9ffaa813616c27fe493ab25ef72c86e476205dd5

  • SSDEEP

    1536:nPWV5Ndy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtN6h9/S1VWQ:nPWV5Yn7N041Qqhgi9//Q

Malware Config

Targets

    • Target

      a0285912de9fce2420a293c4267c673aea25e2ccb63f77724945a94f8f2fc984.exe

    • Size

      78KB

    • MD5

      b4b4257cfea36713853a7b0c4a3d1c81

    • SHA1

      4cf4d54573163b978bcaf82709ca06e925de3adf

    • SHA256

      a0285912de9fce2420a293c4267c673aea25e2ccb63f77724945a94f8f2fc984

    • SHA512

      1af741d593130d07e8b21839d353c90fe4afc42018ebd60bf464b18fefde2e4563f697c10d7f77dcaa12880e9ffaa813616c27fe493ab25ef72c86e476205dd5

    • SSDEEP

      1536:nPWV5Ndy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtN6h9/S1VWQ:nPWV5Yn7N041Qqhgi9//Q

    • MetamorpherRAT

      Metamorpherrat is a hacking tool that has been around for a while since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks