General
-
Target
5452a9050bb25e2631dd9642370fc05c9a7e5cca312b9505dbf3760f3515dd4d
-
Size
78KB
-
Sample
250126-2jby1sykhk
-
MD5
cbc8b8f41ccac7371e1e8c987900ef98
-
SHA1
dc8319f56aa110cef5323b171cd7a800ccacf404
-
SHA256
5452a9050bb25e2631dd9642370fc05c9a7e5cca312b9505dbf3760f3515dd4d
-
SHA512
cb587c04d55a366fcf91a9b82c5852a24c734b3c88b60aca9a2ef3982fa833c4171e7fd3c24e1443bc4cc088df471d612976b5bd843fdd07ca7bff015b1ab2ed
-
SSDEEP
1536:cRWtHH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQte6S9/R1Db:cRWtHa3Ln7N041Qqhge6S9/b
Malware Config
Targets
-
-
Target
5452a9050bb25e2631dd9642370fc05c9a7e5cca312b9505dbf3760f3515dd4d
-
Size
78KB
-
MD5
cbc8b8f41ccac7371e1e8c987900ef98
-
SHA1
dc8319f56aa110cef5323b171cd7a800ccacf404
-
SHA256
5452a9050bb25e2631dd9642370fc05c9a7e5cca312b9505dbf3760f3515dd4d
-
SHA512
cb587c04d55a366fcf91a9b82c5852a24c734b3c88b60aca9a2ef3982fa833c4171e7fd3c24e1443bc4cc088df471d612976b5bd843fdd07ca7bff015b1ab2ed
-
SSDEEP
1536:cRWtHH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQte6S9/R1Db:cRWtHa3Ln7N041Qqhge6S9/b
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-