General
-
Target
e9d811bbc2a069808758431bcdacddcf81fef8aefafe9d733d881682548c56b8.exe
-
Size
78KB
-
Sample
250217-jshttawmaj
-
MD5
e1dc68718d5eda4005030486b6e5e373
-
SHA1
a268407a73d548241411b41722d5bd6723dbb385
-
SHA256
e9d811bbc2a069808758431bcdacddcf81fef8aefafe9d733d881682548c56b8
-
SHA512
8e21637d7bd1c3f1c0cbeeadcc07d1f8f509baac0c5f1a47bddfd8574dcc33211b24ba23c73740e3857cde50b3fae9d136a7c46e0128cea83101194f160c24fa
-
SSDEEP
1536:EsHH638dy0MochZDsC8Kl/99Z242UdIAkn3jKZPjoYaoQtz9/z10TF:EsHa3Ln7N041Qqhgz9/wF
Static task
static1
Behavioral task
behavioral1
Sample
e9d811bbc2a069808758431bcdacddcf81fef8aefafe9d733d881682548c56b8.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e9d811bbc2a069808758431bcdacddcf81fef8aefafe9d733d881682548c56b8.exe
Resource
win10v2004-20250207-en
Malware Config
Targets
-
MetamorpherRAT
MetamorpherRAT is a hacking tool that has been around since 2013.
-
Metamorpherrat family
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
Registry Run Keys / Startup Folder