General
- Target: aea5c984a32b4d05e468f70dab352b7edc89e788e1c11ec50175511cc8d304b7.exe
- Size: 78KB
- Sample: 250123-2l1edswqgs
- MD5: 733319b3eef1c7bbd30aa8dac6519aac
- SHA1: fce2c55c1436a9d8ef0ab7dd25decf3fc2eb54eb
- SHA256: aea5c984a32b4d05e468f70dab352b7edc89e788e1c11ec50175511cc8d304b7
- SHA512: 104309319cc30b3180e0148efbdcfa73b5319dd39d8206ef77f176110ed7a30f491c37c6108827fd356bcac1d5b15ff507c0d2011aee7694947f73830011ec6a
- SSDEEP: 1536:NPCHHM7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQtv9/M162A:NPCHshASyRxvhTzXPvCbW2Uv9/4A
Static task: static1
Behavioral task: behavioral1
Sample: aea5c984a32b4d05e468f70dab352b7edc89e788e1c11ec50175511cc8d304b7.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: aea5c984a32b4d05e468f70dab352b7edc89e788e1c11ec50175511cc8d304b7.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: aea5c984a32b4d05e468f70dab352b7edc89e788e1c11ec50175511cc8d304b7.exe
- MetamorpherRAT: MetamorpherRAT is a hacking tool that has been around since 2013.
- Metamorpherrat family
- Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application