General

  • Target

    b3ef4701f85b953d37bb7c01d3e5d883fd48e5b42b1778c3ac154d439eefbdb7N.exe

  • Size

    78KB

  • Sample

    250127-jg3d3syraq

  • MD5

    31142bfbf1a11d7bb0fc781e4a150f60

  • SHA1

    39802862cf1fc6fca6b3246fa54aec81ff585e62

  • SHA256

    b3ef4701f85b953d37bb7c01d3e5d883fd48e5b42b1778c3ac154d439eefbdb7

  • SHA512

    0275f5dabaeae487d7adc597717358ab3d9e56446372aa7e0f16f9cce96eb478c3616c9b70dbbf8ed330b2b377e18a0ebd8a2e664c7e377e46e3967292d0e8b1

  • SSDEEP

    1536:auHY6638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQte89/5V1LE:auHY53Ln7N041Qqhge89/5I

Targets

    • Target

      b3ef4701f85b953d37bb7c01d3e5d883fd48e5b42b1778c3ac154d439eefbdb7N.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
