General
-
Target
Worm (1).exee
-
Size
1.3MB
-
Sample
221108-3cz8psdggk
-
MD5
4a9ffb6962544b4dd55ce6ff568810b7
-
SHA1
a04a58215250d0bbe79fd946e6f5a73e8be27133
-
SHA256
8102f6139e928e1e844e7625f41bfa2b65f6ba05e95c43f1ecb329d72a91592b
-
SHA512
5b7e84b8a49200960a5312a373ef6245c2d997b5e3b9a761cb15a83ffe2edf9dc860c1bcd7ebb9eb7cd774c6f1364d505016446f713acfdfb682bb01c148053b
-
SSDEEP
24576:mckH+O5MMsj/8oJ0HOgwzMIdEyaXC772Q9NXw2/wPOjdGxY:mBHZ5MMpoJOp+MIVai7Tq24GjdGS
Behavioral task
behavioral1
Sample
Worm (1).exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
eternity
http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion
-
payload_urls
https://raroford3242.xyz/myupdate.exe
https://raroford3242.xyz/Sklmsstregens.vbs, https://raroford3242.xyz/remcexecrypt.exe, https://raroford3242.xyz/redlcryp.exe, https://raroford3242.xyz/racoocry.exe
https://raroford3242.xyz/myupdate.exe
https://raroford3242.xyz/myupdate.exe
Targets
-
-
Target
Worm (1).exee
-
Size
1.3MB
-
MD5
4a9ffb6962544b4dd55ce6ff568810b7
-
SHA1
a04a58215250d0bbe79fd946e6f5a73e8be27133
-
SHA256
8102f6139e928e1e844e7625f41bfa2b65f6ba05e95c43f1ecb329d72a91592b
-
SHA512
5b7e84b8a49200960a5312a373ef6245c2d997b5e3b9a761cb15a83ffe2edf9dc860c1bcd7ebb9eb7cd774c6f1364d505016446f713acfdfb682bb01c148053b
-
SSDEEP
24576:mckH+O5MMsj/8oJ0HOgwzMIdEyaXC772Q9NXw2/wPOjdGxY:mBHZ5MMpoJOp+MIVai7Tq24GjdGS
Score10/10-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-