General
-
Target
0a6e2af27039d17fc07f815b64fe9279b14d8d051902eb588807433cd9d272e4.bin
-
Size
1.5MB
-
Sample
220603-j54baaddf6
-
MD5
a3556fe22b3cadaea5bad8d67b63e16a
-
SHA1
d8442ca998329eafbf7419a6126443195948d0ea
-
SHA256
0a6e2af27039d17fc07f815b64fe9279b14d8d051902eb588807433cd9d272e4
-
SHA512
0cee4e20c9f57747f0436ca2bd2f7eec43fba27200c7d62c8303e0d248d87566df377568d68dd4ca7640a2f5a03702b7b4f17bd5984933fc926327889072c06c
Malware Config
Extracted
eternity
http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion
-
payload_urls
http://soapbeginshops.com/kingz.exe
http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion/shared/telegram.exe
Targets
-
-
Target
0a6e2af27039d17fc07f815b64fe9279b14d8d051902eb588807433cd9d272e4.bin
-
Size
1.5MB
-
MD5
a3556fe22b3cadaea5bad8d67b63e16a
-
SHA1
d8442ca998329eafbf7419a6126443195948d0ea
-
SHA256
0a6e2af27039d17fc07f815b64fe9279b14d8d051902eb588807433cd9d272e4
-
SHA512
0cee4e20c9f57747f0436ca2bd2f7eec43fba27200c7d62c8303e0d248d87566df377568d68dd4ca7640a2f5a03702b7b4f17bd5984933fc926327889072c06c
Score10/10-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-