General

  • Target

    d562e45dc6ce60ea42da72b90d1ac4d9e8e5b6da7de1969960c678e0aafc83ab

  • Size

    2.0MB

  • Sample

    221201-srmwtafa6w

  • MD5

    d7345c3799c2c1c190f52cd573871906

  • SHA1

    86e79c08375d60eee1dd71326edd46b136b7deff

  • SHA256

    d562e45dc6ce60ea42da72b90d1ac4d9e8e5b6da7de1969960c678e0aafc83ab

  • SHA512

    70f73233e005bab9b047eea885f3f8eac6844b468c5f7e0a83166f4c5abbc09476b03ddfcdc950554c66df08389e551963ed62c8ba457ee2401b08171ab3f82c

  • SSDEEP

    49152:wd6/P03TUlNHNTPA3no7TAnpRqZgJ6m3uV1yvmwCuxnp:wJ3itTP3gc8G0F5

Score
10/10

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Attributes
  • payload_urls

    http://167.88.170.23/w993.exe

    http://167.88.170.23/s101.exe

    http://167.88.170.23/101.exe

    http://167.88.170.23/R101.exe

Targets

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (1): T1012

  • System Information Discovery (2): T1082
