Behavioral task
behavioral1
Sample
360-59-0x0000000000400000-0x0000000000410000-memory.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
360-59-0x0000000000400000-0x0000000000410000-memory.exe
Resource
win10v2004-20220812-en
General
-
Target
360-59-0x0000000000400000-0x0000000000410000-memory.dmp
-
Size
64KB
-
MD5
89fbf942679718af225e639d8fdbd53e
-
SHA1
398cd2b873433f05f2e8ac54eb808743347db0f8
-
SHA256
e826914e2a405e2ee9ec84b1dde74b9be967f58a7fda92281d037fc0833d87b3
-
SHA512
1dd7714b58b8ec0b05b149a254d183af11aebfe1d8a4b30a367090cc1db903eb344c86c220a295d8836433ab774903872df36759f8b7c2786bddbd646444fab4
-
SSDEEP
768:TdrSC2AuPUDc0WwLdBGIB3qOrXv9eVB4N63fQT7iXIBt+VbG6gpZb046GA:RCPUA+P3qyvQhFbTg3
Malware Config
Extracted
eternity
http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion
41r3LwMnez561bPJdamkzFfVoUJhmJQjHXSGz2e1Cb8xBCgvvSN36REatA7Ayn2GubDXyE2SQsar4LJDTAr8DnwPSmViy7o
1NSf3HSaEVJQv82Wg1Dxwrq8vksbXk1Uz9
0x5296E7a3aBa03B60e9ab2fF31Bc4Bda5C4306E70
0x5296E7a3aBa03B60e9ab2fF31Bc4Bda5C4306E70
0x5296E7a3aBa03B60e9ab2fF31Bc4Bda5C4306E70
0x5296E7a3aBa03B60e9ab2fF31Bc4Bda5C4306E70
0x5296E7a3aBa03B60e9ab2fF31Bc4Bda5C4306E70
D8JaQ1S56v9q1PYvgiMSiJKcpr62rzNmPP
TGPdhxdT1AdFBy9ojeACoPDhGG9BJsDRcG
t1V7NEnYmdnGVMFE7nLmW9r1DxnvBdZEcuu
XpTXPMSoGXwsHWs1h9fnUTDo2HfJbXyzqk
Signatures
Files
-
360-59-0x0000000000400000-0x0000000000410000-memory.dmp.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ