General

  • Target

    28a99395eea8fa605a337ab838137c1401c0f8b25cee094c88da0fad5f5e2010

  • Size

    406KB

  • Sample

    220823-16t8faccbj

  • MD5

    2e70fbe4eedc49dc19c415530ec5ad6e

  • SHA1

    fd6ffdbe27e64b02386237682df457a24726b060

  • SHA256

    28a99395eea8fa605a337ab838137c1401c0f8b25cee094c88da0fad5f5e2010

  • SHA512

    bca1e0a7d0f00754a5157ea7415c7b6100561e244a2214fb28333944af1f7c8ecdfdec33b5d24f112a337b742255aa7d9f2240447371fa1f63ca85939ef27740

  • SSDEEP

    6144:S4ShebILMuPcpLNpn8mbzOPYfyJNPg7lAX42ryOWQX0XU5ZofPSHJy2GY:jVUKpxpn/bz1iPgzGZXTeCHJPz

Score
10/10

Malware Config

Extracted

Family

eternity

C2

http://rlcjba7wduej3xcstcjo577eqgjsjvcjfsw4i23fqvf2y27ylylhmhad.onion

Wallets

Targets

    Score
    10/10

    • Detects Eternity clipper

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks