metamorpherrat | b3093b934957f4e125ca90dd4d4a39cf267a331d1dc231d77c9e914bc3f4b7ba | Triage

Sharing

General

Target

b3093b934957f4e125ca90dd4d4a39cf267a331d1dc231d77c9e914bc3f4b7ba.exe
Size

78KB
Sample

250120-s8cr6sxjay
MD5

d0739ef03217e60248fe60c9c0d0cd89
SHA1

6b843af52c1016461e9c897c0f03b79fa5849aae
SHA256

b3093b934957f4e125ca90dd4d4a39cf267a331d1dc231d77c9e914bc3f4b7ba
SHA512

89a84ab026fd465b299bd59813dd11634bb646d5a256a0ad6b0d5955244e3c4441c0b557ae0e64b7006a62ad9b84ff624e88bd256f64dc7774352377e6ca9c96
SSDEEP

1536:KCHHM7t/vZv0kH9gDDtWzYCnJPeoYrGQtqx9/21Gsi:KCHsh/l0Y9MDYrm709/8i

Score

10^/10

metamorpherrat discovery persistence rat stealer trojan

Malware Config

Targets

- Target
  
  b3093b934957f4e125ca90dd4d4a39cf267a331d1dc231d77c9e914bc3f4b7ba.exe
- Size
  
  78KB
- MD5
  
  d0739ef03217e60248fe60c9c0d0cd89
- SHA1
  
  6b843af52c1016461e9c897c0f03b79fa5849aae
- SHA256
  
  b3093b934957f4e125ca90dd4d4a39cf267a331d1dc231d77c9e914bc3f4b7ba
- SHA512
  
  89a84ab026fd465b299bd59813dd11634bb646d5a256a0ad6b0d5955244e3c4441c0b557ae0e64b7006a62ad9b84ff624e88bd256f64dc7774352377e6ca9c96
- SSDEEP
  
  1536:KCHHM7t/vZv0kH9gDDtWzYCnJPeoYrGQtqx9/21Gsi:KCHsh/l0Y9MDYrm709/8i
Score

10^/10

metamorpherrat discovery persistence rat stealer trojan
- MetamorpherRAT
  Metamorpherrat is a hacking tool that has been around for a while since 2013.
  trojan rat stealer metamorpherrat
- Metamorpherrat family
  metamorpherrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metamorpherratdiscoverypersistenceratstealertrojan

behavioral2

metamorpherratdiscoverypersistenceratstealertrojan