Behavioral task
behavioral1
Sample
0x00090000000139f7-58.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
0x00090000000139f7-58.exe
Resource
win10v2004-20220812-en
General
-
Target
0x00090000000139f7-58.dat
-
Size
334KB
-
MD5
126fe59c0f926132abfef83696fc9aac
-
SHA1
c4f2047455d5f02af5ec8cf9644f8cd491fd7e46
-
SHA256
fa2a334940cbe72ec5ac5fb691299d9964b6de2a778172c9b8d6738a9cdbd01b
-
SHA512
36927d1d03463220057b1acd58a45dc9a6cf9f25d21652c35dc891125ce4da36807aea90548cf0a4dfc6c2e2c3ffab893fa2426831866182436d8242522549a5
-
SSDEEP
6144:PKGpPpPGy64jkNmK8BQBxzBLkGa1x4mJorAR/IbwVx:PKGpRPnKPbLkGa1KAR/
Malware Config
Extracted
eternity
http://rlcjba7wduej3xcstcjo577eqgjsjvcjfsw4i23fqvf2y27ylylhmhad.onion
Signatures
-
Eternity family
Files
-
0x00090000000139f7-58.dat.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 331KB - Virtual size: 330KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ