General
-
Target
8ca63d2f53be90d96fd0bc8c280f35dbae3bed8fa5bdf92d0691619078f6565aN.exe
-
Size
78KB
-
Sample
241222-nh42hswqbj
-
MD5
06d06fc07d067fe9f0828d930694b090
-
SHA1
c7b92a651f9d21968eb67b718c5b86574d3ab27d
-
SHA256
8ca63d2f53be90d96fd0bc8c280f35dbae3bed8fa5bdf92d0691619078f6565a
-
SHA512
e2881b8d082c779ca21e214976ca170faeb5e79087acf683b3c34cd8b36bcfe6bf99a75a1130a390273e045180068041b83626043ccda26f1b259b69ce174e3a
-
SSDEEP
1536:KHFo6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQteE9/N1au:KHFo53Ln7N041QqhgeE9/B
Malware Config
Targets
-
-
Target
8ca63d2f53be90d96fd0bc8c280f35dbae3bed8fa5bdf92d0691619078f6565aN.exe
-
Size
78KB
-
MD5
06d06fc07d067fe9f0828d930694b090
-
SHA1
c7b92a651f9d21968eb67b718c5b86574d3ab27d
-
SHA256
8ca63d2f53be90d96fd0bc8c280f35dbae3bed8fa5bdf92d0691619078f6565a
-
SHA512
e2881b8d082c779ca21e214976ca170faeb5e79087acf683b3c34cd8b36bcfe6bf99a75a1130a390273e045180068041b83626043ccda26f1b259b69ce174e3a
-
SSDEEP
1536:KHFo6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQteE9/N1au:KHFo53Ln7N041QqhgeE9/B
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-