General
-
Target
5f593ccd7571dd76fa782e24e2466b4c0a46a3d537c4092080d8c4722e89b5e9
-
Size
14KB
-
Sample
221123-q25s9sae6v
-
MD5
f0b3cfdcf9b45fad9316a91ad770e3e1
-
SHA1
a2e9b01faee6a37ef3a51bbb02f6c5bac4c473a2
-
SHA256
5f593ccd7571dd76fa782e24e2466b4c0a46a3d537c4092080d8c4722e89b5e9
-
SHA512
6965d6a85c89a38af082674891e0945b1cffd9cd3b6b402fdcbd93a8e027936f98db37d093dc3694b2c73167e3d54cd79ccc37caea90f4ca1bb664857006811a
-
SSDEEP
384:wIpm2b9AbbFgUKBdqy32ZM+dfOEambfsyy0wrm9EvLtk5tx+C:732O+fOMb6pcEvLWZ
Malware Config
Extracted
eternity
http://rlcjba7wduej3xcstcjo577eqgjsjvcjfsw4i23fqvf2y27ylylhmhad.onion
-
payload_urls
http://rlcjba7wduej3xcstcjo577eqgjsjvcjfsw4i23fqvf2y27ylylhmhad.onion.pet/shared/xmrig.exe
Targets
-
-
Target
5f593ccd7571dd76fa782e24e2466b4c0a46a3d537c4092080d8c4722e89b5e9
-
Size
14KB
-
MD5
f0b3cfdcf9b45fad9316a91ad770e3e1
-
SHA1
a2e9b01faee6a37ef3a51bbb02f6c5bac4c473a2
-
SHA256
5f593ccd7571dd76fa782e24e2466b4c0a46a3d537c4092080d8c4722e89b5e9
-
SHA512
6965d6a85c89a38af082674891e0945b1cffd9cd3b6b402fdcbd93a8e027936f98db37d093dc3694b2c73167e3d54cd79ccc37caea90f4ca1bb664857006811a
-
SSDEEP
384:wIpm2b9AbbFgUKBdqy32ZM+dfOEambfsyy0wrm9EvLtk5tx+C:732O+fOMb6pcEvLWZ
-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
XMRig Miner payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Legitimate hosting services abused for malware hosting/C2
-