General
-
Target
JaffaCakes118_5da3837530dd6b1a9666ea002aef5238
-
Size
80KB
-
Sample
250107-mg6naaxkcz
-
MD5
5da3837530dd6b1a9666ea002aef5238
-
SHA1
41893ba57e61f8b177775c4d8ff982a8ec73e94e
-
SHA256
81e6145cbc93443083f2398466f3a7d39c52dcac816b92b4619576ce531c0624
-
SHA512
666fd1978741d8b4d6360bf46d93e957af5931f1777021e75ed403a125d5d9d0123410b41c88329d4595c587b125a2e85e09ec5e0f5498651d690ff344f64cd4
-
SSDEEP
1536:9HFo6rdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtLg39/CF1b:9HFo8dSE2EwR4uY41HyvYLg39/Cz
Malware Config
Targets
-
-
Target
JaffaCakes118_5da3837530dd6b1a9666ea002aef5238
-
Size
80KB
-
MD5
5da3837530dd6b1a9666ea002aef5238
-
SHA1
41893ba57e61f8b177775c4d8ff982a8ec73e94e
-
SHA256
81e6145cbc93443083f2398466f3a7d39c52dcac816b92b4619576ce531c0624
-
SHA512
666fd1978741d8b4d6360bf46d93e957af5931f1777021e75ed403a125d5d9d0123410b41c88329d4595c587b125a2e85e09ec5e0f5498651d690ff344f64cd4
-
SSDEEP
1536:9HFo6rdELT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQtLg39/CF1b:9HFo8dSE2EwR4uY41HyvYLg39/Cz
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-