General
Target: JaffaCakes118_bfc5391497c5871690e47d3648bbd5b1
Size: 80KB
Sample: 250105-1w9kdaxmax
MD5: bfc5391497c5871690e47d3648bbd5b1
SHA1: af86a8a22f659bd1327b77a9ba12b9ef07605e39
SHA256: fce30a2de7a9b086334c8ca83c7f1a6899c9398441acb19e95d07b96a8fa6541
SHA512: f2d958036e799ec069db09970e74a75818cd3f86010b8ba33166576f80e0bf6ff2ffc96a6e5ac35e3c4209251acfb422dd674c668392cd3317b8dfb10cd1a55c
SSDEEP: 1536:0e58wXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQtC67j9/O7q1Yu:0e58oSyRxvY3md+dWWZyDj9/Oo
Static task: static1
Behavioral task: behavioral1
  Sample: JaffaCakes118_bfc5391497c5871690e47d3648bbd5b1.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: JaffaCakes118_bfc5391497c5871690e47d3648bbd5b1.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-