eternity | 032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b | Triage

Sharing

General

Target

032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b.bin
Size

1.4MB
Sample

220603-j5w7zahdbr
MD5

90874ebf82d294580f7e47427bccb738
SHA1

00fa1a1c93da4f85b2d8cffe39e9ccbcd90d9256
SHA256

032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b
SHA512

ec5af911b1f5be0ad2b8a10182eac760bafafb5f073ed3aa253f0298059bd9f7357745b0c9c8ab6838b65d7ad6d60d3ffc04e79076d33bf0ffadaeaa127ef56b

Score

10^/10

eternity worm

Malware Config

Extracted

Family

eternity

C2

http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion

Attributes

payload_urls
http://soapbeginshops.com/kingz.exe

http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion/shared/telegram.exe

Targets

- Target
  
  032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b.bin
- Size
  
  1.4MB
- MD5
  
  90874ebf82d294580f7e47427bccb738
- SHA1
  
  00fa1a1c93da4f85b2d8cffe39e9ccbcd90d9256
- SHA256
  
  032911e0a222a0e4862c2aa023ec29907ea7fe8228b78fb36afafe991d61436b
- SHA512
  
  ec5af911b1f5be0ad2b8a10182eac760bafafb5f073ed3aa253f0298059bd9f7357745b0c9c8ab6838b65d7ad6d60d3ffc04e79076d33bf0ffadaeaa127ef56b
Score

10^/10

eternity worm
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2