General
-
Target
abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6
-
Size
334KB
-
Sample
220930-we8vasfcej
-
MD5
677830c653b813525943da3ccc7c9a37
-
SHA1
cc7c92c2b1c08bd182629cfd42455fee969606b7
-
SHA256
abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6
-
SHA512
0ab932e0535e6471357f664c53077090920b6a0cba03b65f1e63528666bf96c0436810175d58463092586ec39a24b1747f2b7805640d9145e1260efe21dc7708
-
SSDEEP
6144:nOaF+lSuzISz4aNcr1wAmbnwAmocsiftW7Ywbdtkjl5A:nOaolS0Z8kn3ULYYA+
Malware Config
Extracted
eternity
http://rlcjba7wduej3xcstcjo577eqgjsjvcjfsw4i23fqvf2y27ylylhmhad.onion
Targets
-
-
Target
abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6
-
Size
334KB
-
MD5
677830c653b813525943da3ccc7c9a37
-
SHA1
cc7c92c2b1c08bd182629cfd42455fee969606b7
-
SHA256
abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6
-
SHA512
0ab932e0535e6471357f664c53077090920b6a0cba03b65f1e63528666bf96c0436810175d58463092586ec39a24b1747f2b7805640d9145e1260efe21dc7708
-
SSDEEP
6144:nOaF+lSuzISz4aNcr1wAmbnwAmocsiftW7Ywbdtkjl5A:nOaolS0Z8kn3ULYYA+
Score10/10-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-