General
-
Target
2c16c82871b06b7daf9e808b1a4b82acf95caa41dfbba2ca69ea5026cd446d4b.bin
-
Size
4.8MB
-
Sample
220603-j58wrsddf8
-
MD5
a4aedc1d40075e21485309d70e5d44ab
-
SHA1
9e51b2231a97b7dfdb9535adc1af1cce3a39addd
-
SHA256
2c16c82871b06b7daf9e808b1a4b82acf95caa41dfbba2ca69ea5026cd446d4b
-
SHA512
24ada2b15ab73a44b222be5ffa0c5c9f841c368d9ae9f70984c03d0df98d12167e20299cfbe88ae337e9c416a97f19ab2ab2108ca83b55b3d24ddb75d20ecd24
Static task
static1
Behavioral task
behavioral1
Sample
2c16c82871b06b7daf9e808b1a4b82acf95caa41dfbba2ca69ea5026cd446d4b.exe
Resource
win7-20220414-en
Malware Config
Extracted
eternity
http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion
-
payload_urls
http://soapbeginshops.com/kingz.exe
http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion/shared/telegram.exe
Targets
-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-