General

  • Target

    220e3facdaf2fa0b107c36bf5ff118bc02e209a95afcc7fe07c27a7d712b7977N.exe

  • Size

    78KB

  • Sample

    250103-sns9eszpfv

  • MD5

    70c0c7678f9df416f1061b744e6b16b0

  • SHA1

    8217c9b3a6f9a049dc462bfa1b325bd992d287cb

  • SHA256

    220e3facdaf2fa0b107c36bf5ff118bc02e209a95afcc7fe07c27a7d712b7977

  • SHA512

    1fcb4eed4cc6e0764507143f39495ccf6fd519939d626ef2fd6c32dbbc4852493e7d9c79b7a18df8862b8b9dc27f337f3a4e324ba9c5d1f8f496b243580eff73

  • SSDEEP

    1536:zWtHHM7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtRu9/VO1Pq:zWtHshASyRxvhTzXPvCbW2URu9/P

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • MetamorpherRAT family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
