General

  • Target

    1Eternity.exe

  • Size

    114KB

  • Sample

    220812-wpvenaafa6

  • MD5

    e534402738b11f52fd1991e2c63f816f

  • SHA1

    5b166f3f830a9f6a3b2e581321c6541819c31771

  • SHA256

    1c77a07e45b4f3e7f2b756c76df58a9d0f78785aa0f9e154074503398203c695

  • SHA512

    b8c8c91c9846e54843098654f6ff52907c58424a8002a67cfe89af1b0905e4ac9c31afa3d407947acff14bc7aa42715f1dba2fb9f11d8e4728cf3823f831858d

Targets

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Disables Task Manager via registry modification

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
