Overview

overview

10

Static

static

032911e0a2...6b.exe

windows7_x64

10

032911e0a2...6b.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b.bin

  • Size

    1.4MB

  • Sample

    220603-j5w7zahdbr

  • MD5

    90874ebf82d294580f7e47427bccb738

  • SHA1

    00fa1a1c93da4f85b2d8cffe39e9ccbcd90d9256

  • SHA256

    032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b

  • SHA512

    ec5af911b1f5be0ad2b8a10182eac760bafafb5f073ed3aa253f0298059bd9f7357745b0c9c8ab6838b65d7ad6d60d3ffc04e79076d33bf0ffadaeaa127ef56b

Score
10/10
eternityworm

Malware Config

Extracted

Family

eternity

C2

http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion

Attributes
  • payload_urls

    http://soapbeginshops.com/kingz.exe

    http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion/shared/telegram.exe

Targets

    • Target

      032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b.bin

    • Size

      1.4MB

    • MD5

      90874ebf82d294580f7e47427bccb738

    • SHA1

      00fa1a1c93da4f85b2d8cffe39e9ccbcd90d9256

    • SHA256

      032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b

    • SHA512

      ec5af911b1f5be0ad2b8a10182eac760bafafb5f073ed3aa253f0298059bd9f7357745b0c9c8ab6838b65d7ad6d60d3ffc04e79076d33bf0ffadaeaa127ef56b

    Score
    10/10
    eternityworm

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

      eternity

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks