Overview

overview

10

Static

static

05821994ca...b3.exe

windows7_x64

10

05821994ca...b3.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3.bin

  • Size

    3.4MB

  • Sample

    220603-j5z9mahdck

  • MD5

    2e4de9ef1804c3616638a00344425e45

  • SHA1

    5ee95d0a73e42a343afcd65f5f62c5fba58d7f82

  • SHA256

    05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3

  • SHA512

    4f696e07d49f5ab9d0e70b5d0be6db71169c3608889bb105a32113acfac603d63ffa904f5c74a33151aa6d469a9bf166519f0607a66191cb68932ce392d91323

Score
10/10
eternityworm

Malware Config

Extracted

Family

eternity

C2

http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion

Attributes
  • payload_urls

    http://soapbeginshops.com/kingz.exe

    http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion/shared/telegram.exe

Targets

    • Target

      05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3.bin

    • Size

      3.4MB

    • MD5

      2e4de9ef1804c3616638a00344425e45

    • SHA1

      5ee95d0a73e42a343afcd65f5f62c5fba58d7f82

    • SHA256

      05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3

    • SHA512

      4f696e07d49f5ab9d0e70b5d0be6db71169c3608889bb105a32113acfac603d63ffa904f5c74a33151aa6d469a9bf166519f0607a66191cb68932ce392d91323

    Score
    10/10
    eternityworm

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

      eternity

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks