General
-
Target
025e74a98cb22aab0eb2dbff69cb5abd4f1d529925d9e456f92f5fd6ff1e11c3.bin
-
Size
62KB
-
Sample
220517-n63hlabeb8
-
MD5
c4b46a2d0898e9ba438366f878cd74bd
-
SHA1
f95a0529fbb8aa61cd3dee602fa6555b2c86dd62
-
SHA256
025e74a98cb22aab0eb2dbff69cb5abd4f1d529925d9e456f92f5fd6ff1e11c3
-
SHA512
ae9cf9516ed834af320acd0d65ce58bf9b0b118228c820ee55e8db0d91b931426bdf0144f922c0d34e74f4a5b657ae5cd614179456e700f4618f0721caeb56bd
Static task
static1
Behavioral task
behavioral1
Sample
025e74a98cb22aab0eb2dbff69cb5abd4f1d529925d9e456f92f5fd6ff1e11c3.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
025e74a98cb22aab0eb2dbff69cb5abd4f1d529925d9e456f92f5fd6ff1e11c3.bin
-
Size
62KB
-
MD5
c4b46a2d0898e9ba438366f878cd74bd
-
SHA1
f95a0529fbb8aa61cd3dee602fa6555b2c86dd62
-
SHA256
025e74a98cb22aab0eb2dbff69cb5abd4f1d529925d9e456f92f5fd6ff1e11c3
-
SHA512
ae9cf9516ed834af320acd0d65ce58bf9b0b118228c820ee55e8db0d91b931426bdf0144f922c0d34e74f4a5b657ae5cd614179456e700f4618f0721caeb56bd
-
Detects Eternity clipper
-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
suricata: ET MALWARE Eternity Stealer CnC Domain in DNS Lookup (wasabiwallet .online)
suricata: ET MALWARE Eternity Stealer CnC Domain in DNS Lookup (wasabiwallet .online)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-