General
-
Target
7c0790ce5a7cfd7a3ab0af70a4766b7003bdf8eb2e366f5c74f609c57c34f4bb
-
Size
1.7MB
-
Sample
220802-ca7xnafecr
-
MD5
579d28e50ecccfc10ead72711c9ea77a
-
SHA1
ec16922366cf1f97d598b203608ea7ade90a8d85
-
SHA256
7c0790ce5a7cfd7a3ab0af70a4766b7003bdf8eb2e366f5c74f609c57c34f4bb
-
SHA512
8bd1e06c2720df9bbbc639983cc16f07ab7e37e236185e67c37e4a2131a3a3127dbf69e7ffa6f2b5316e606f1fb6a7742143fd5f432a63090760aafc02af2e44
Behavioral task
behavioral1
Sample
7c0790ce5a7cfd7a3ab0af70a4766b7003bdf8eb2e366f5c74f609c57c34f4bb.exe
Resource
win7-20220715-en
Malware Config
Extracted
eternity
http://iqox575zftwvbkphhnbdxkg6pfrgcmeos3rebjwdt6ra2r73u5iq2jqd.onion
-
payload_urls
http://c.vinhall169.com/w.exe
http://c.vinhall169.com/1.exe,https://d3.7-zip.org/a/7z2107-x64.exe
http://iqox575zftwvbkphhnbdxkg6pfrgcmeos3rebjwdt6ra2r73u5iq2jqd.onion/shared/worm.exe
Targets
Detects Eternity worm
-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-