General

  • Target

    2Eternity.exe

  • Size

    117KB

  • Sample

    220812-wpzz5sgcal

  • MD5

    b23476113eb68abb68eceb921f5ad7fe

  • SHA1

    1bc3f9e8e9102bf9f0529d5d66cf2c48c00036c6

  • SHA256

    d7d9aa755f27c0490145da3dcdf5d205e27f0a0e43a584d36dceb14c3d56dfa1

  • SHA512

    4ecbc6eebb52769fe0b0a360c75c87163941f41e4da3fb7d210744caf19a7612195871806937ee4fc1d8df4959976ef6de8b38803b1d09a82f37aa099876c1ca

Targets

    • Target

      2Eternity.exe

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Loads dropped DLL
