eternity | 05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3 | Triage

Sharing

General

Target

05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3.bin
Size

3.4MB
Sample

220603-j5z9mahdck
MD5

2e4de9ef1804c3616638a00344425e45
SHA1

5ee95d0a73e42a343afcd65f5f62c5fba58d7f82
SHA256

05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3
SHA512

4f696e07d49f5ab9d0e70b5d0be6db71169c3608889bb105a32113acfac603d63ffa904f5c74a33151aa6d469a9bf166519f0607a66191cb68932ce392d91323

Score

10^/10

eternity worm

Malware Config

Extracted

Family

eternity

C2

http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion

Attributes

payload_urls
http://soapbeginshops.com/kingz.exe

http://lightnogu5owjjllyo4tj2sfos6fchnmcidlgo6c7e6fz2hgryhfhoyd.onion/shared/telegram.exe

Targets

- Target
  
  05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3.bin
- Size
  
  3.4MB
- MD5
  
  2e4de9ef1804c3616638a00344425e45
- SHA1
  
  5ee95d0a73e42a343afcd65f5f62c5fba58d7f82
- SHA256
  
  05821994caa06407e84a713aa141667d2b22f83318721a1edaed49c07fc273b3
- SHA512
  
  4f696e07d49f5ab9d0e70b5d0be6db71169c3608889bb105a32113acfac603d63ffa904f5c74a33151aa6d469a9bf166519f0607a66191cb68932ce392d91323
Score

10^/10

eternity worm
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2