General
Target
219c1d87426d8ed8b3e62176d1291f80.exe
Size
8.9MB
Sample
221127-h6m51sda51
MD5
219c1d87426d8ed8b3e62176d1291f80
SHA1
105af4d6ca9510c99657145ff0ebf4db71238a32
SHA256
67014237713d167e0676ed58d8aa095cbfef04cbc834c0dc512fd5c3df6285ea
SHA512
0bcfb390bd234bd313ea4335faae2011e297f7d9012b14457a011c883b171b99c08e8c43a6f4502ea260a2138521c006e0e78365cbcfb74cb7a417e8e9b56dd6
SSDEEP
196608:FquoUUOSW7GeGIr1reEs+sqgwC1UODDjai0fyxrAWk:00EkbGIrZbbsPUODZY
Behavioral task
behavioral1
Sample
219c1d87426d8ed8b3e62176d1291f80.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
219c1d87426d8ed8b3e62176d1291f80.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
eternity
http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion
payload_urls
http://167.88.170.23/w993.exe
http://167.88.170.23/s101.exe,http://167.88.170.23/101.exe,http://167.88.170.23/R101.exe
Targets
Target
219c1d87426d8ed8b3e62176d1291f80.exe
Score 10/10
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
Executes dropped EXE
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
Loads dropped DLL
Suspicious use of SetThreadContext