General

  • Target

    da730918dfa4c2ff130f8121a680acc8b39971ee0537a17a95911b260a23c8dc.exe

  • Size

    78KB

  • Sample

    250217-je4jcsvrgt

  • MD5

    f81f70cb711c0ef11a6f37f502cd35c8

  • SHA1

    3661fb6a5aa39bcfa4d6413c723dbdb435c41c86

  • SHA256

    da730918dfa4c2ff130f8121a680acc8b39971ee0537a17a95911b260a23c8dc

  • SHA512

    9a53a473281ad6496b37f0af701d1582c8ff8488c4057d0d77ee3c46d95f18dd062b9c9a1ae03e09f2838014ff92f7abff0df97ac1a8c68a2af043b11481e239

  • SSDEEP

    1536:B586dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtC659/Cw1eYM:B581n7N041QqhgB9/3M

Targets

    • Target

      da730918dfa4c2ff130f8121a680acc8b39971ee0537a17a95911b260a23c8dc.exe

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
