General

  • Target

    dabf03c9a26775c251f857f1ed7c3b17e3bfb26bc50d75f135104270b5188067

  • Size

    492KB

  • Sample

    220811-zp8h3accfr

  • MD5

    0ebe8de305581c9eca37e53a46d033c8

  • SHA1

    3068323ddb9d09a0a10e1f7d834e1358a9cd7f89

  • SHA256

    dabf03c9a26775c251f857f1ed7c3b17e3bfb26bc50d75f135104270b5188067

  • SHA512

    bd7bc348869325f8b9a19810e6e49bfaba4a47ca258744f1b17130584a82e88b3b9a42a4a7fb735c33544931b9c08effee5e6c387a5cf812af139624f0091d98

Malware Config

Targets

    • Detects Eternity stealer

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks