General
-
Target
3a07fecfc2d41835f93f3891ce90807895129d27487b40d00b28290753277cda
-
Size
341KB
-
Sample
220930-1a1qcaehe6
-
MD5
2009eaf75113479d47800afa0912bc86
-
SHA1
21b702e6c52961658b76c9ae2a0446763b655fe7
-
SHA256
3a07fecfc2d41835f93f3891ce90807895129d27487b40d00b28290753277cda
-
SHA512
457081954a6705f1d3d934c648219f0ea16e3dd2c7af4d843c00dad132491631e6aeb7439693c88060dda9e9143b4f9141dce8aee1a0e65bff97de991ae4017b
-
SSDEEP
6144:ia4VhHCa1jUcLLz60VJarxFGVKbSxps19TUtTvEXcIROt3l2+C0O9:i9VhjnzBbpsQTOOyP0
Static task
static1
Behavioral task
behavioral1
Sample
3a07fecfc2d41835f93f3891ce90807895129d27487b40d00b28290753277cda.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
eternity
http://rlcjba7wduej3xcstcjo577eqgjsjvcjfsw4i23fqvf2y27ylylhmhad.onion
Targets
Score
10/10
-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-