eternity | 08d8781a718df136b5383c168f764918af71852841fb807f82781cbdfea1e350 | Triage

Sharing

General

Target

08d8781a718df136b5383c168f764918af71852841fb807f82781cbdfea1e350
Size

2.9MB
Sample

221118-gkr2eagg34
MD5

a7a196d624419f968ec6d42380a87305
SHA1

3fd10817472a083f311357dec8da57c2faebdaaa
SHA256

08d8781a718df136b5383c168f764918af71852841fb807f82781cbdfea1e350
SHA512

50e8e420672288875b84d681b966deda777157636948a21c111d2041de66e768f2e6fdcbd88077a45d47b299c9f4e1c61b40e29e2bbda4fc911b945a2cb5c57b
SSDEEP

49152:wKr5kr23HrjKjF6eKWubuKjiH3bVgGIR50nlUnd0MSw4ZmUtn3YFs:r02bGjF6vb9jqbdI3EUdPMh3Y

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Attributes

payload_urls
http://193.218.201.246/web1.msi,http://193.218.201.246/web2.exe,http://193.218.201.246/web3.exe

Targets

- Target
  
  08d8781a718df136b5383c168f764918af71852841fb807f82781cbdfea1e350
- Size
  
  2.9MB
- MD5
  
  a7a196d624419f968ec6d42380a87305
- SHA1
  
  3fd10817472a083f311357dec8da57c2faebdaaa
- SHA256
  
  08d8781a718df136b5383c168f764918af71852841fb807f82781cbdfea1e350
- SHA512
  
  50e8e420672288875b84d681b966deda777157636948a21c111d2041de66e768f2e6fdcbd88077a45d47b299c9f4e1c61b40e29e2bbda4fc911b945a2cb5c57b
- SSDEEP
  
  49152:wKr5kr23HrjKjF6eKWubuKjiH3bVgGIR50nlUnd0MSw4ZmUtn3YFs:r02bGjF6vb9jqbdI3EUdPMh3Y
Score

10^/10

eternity
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1