General

  • Target

    4936-193-0x0000000000400000-0x0000000000552000-memory.dmp

  • Size

    1.3MB

  • MD5

    871d2abf9d28b5ee24ebe16e0665b991

  • SHA1

    c0116871d38099b128f5a9949075ba0af6840769

  • SHA256

    4a781fd4926f9ba0fc646bd1421cf9dbd2d25ba829b903f197eea09d7067e0d9

  • SHA512

    6213ee12234a8c8b0589c8bd118dae4a3fccd3975b9fc8ce255ebbee1006b6420895cf013023c7cfc603e47ae2bcbd4852a41af638cc9d6da701a42b36bf12f4

  • SSDEEP

    24576:fpkH+O5MMsj/8oJ0HOgwzMIdEyaXC772Q9NXw2/wPOjdGxY:fWHZ5MMpoJOp+MIVai7Tq24GjdGS

Score
10/10

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Attributes
  • payload_urls

    https://filebin.net/vpaua0vl4owt9i0o/myupdate.exe

    https://filebin.net/vpaua0vl4owt9i0o/Sklmsstregens.vbs, https://filebin.net/vpaua0vl4owt9i0o/remcexecrypt.exe, https://filebin.net/vpaua0vl4owt9i0o/racoocry.exe, https://filebin.net/vpaua0vl4owt9i0o/redlcryp.exe


Files

  • 4936-193-0x0000000000400000-0x0000000000552000-memory.dmp
    .exe windows x86

