General
-
Target
tmp
-
Size
1.8MB
-
Sample
221130-pkp6tada8t
-
MD5
44effc7911d5d30eee8046847b5e51a0
-
SHA1
9f056d46778af4c12965b6da6adf7e8bd4c1e801
-
SHA256
6d46c2fe42b53385f98f417e5e79b56ee12a3153ad7304a334bc2b4541d84e81
-
SHA512
f929769ba14b0564a8f5ad8d9604d8d9106233e459ab4556cfa22d9d2257318b84dc4a1854401e410b65ef612bca8de36830736f14bcb5a2940d3f492126e575
-
SSDEEP
49152:IBJ5w3gdZHOAWxTAwslyNIlS7PFO9KP142cgXWef:yw38R5pY0EQx2hGk
Malware Config
Extracted
eternity
http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion
Targets
-
-
Target
tmp
-
Size
1.8MB
-
MD5
44effc7911d5d30eee8046847b5e51a0
-
SHA1
9f056d46778af4c12965b6da6adf7e8bd4c1e801
-
SHA256
6d46c2fe42b53385f98f417e5e79b56ee12a3153ad7304a334bc2b4541d84e81
-
SHA512
f929769ba14b0564a8f5ad8d9604d8d9106233e459ab4556cfa22d9d2257318b84dc4a1854401e410b65ef612bca8de36830736f14bcb5a2940d3f492126e575
-
SSDEEP
49152:IBJ5w3gdZHOAWxTAwslyNIlS7PFO9KP142cgXWef:yw38R5pY0EQx2hGk
Score10/10-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-