General
Target: ca1a716191a8f670286367f8344bee6d9506720eb4b6c7485bf1477c93536288
Size: 1.7MB
Sample: 221202-d8gc2adh8t
MD5: ce3c2e93978895a4195d6c094f40da7b
SHA1: 0efb66a4f8abd84654e1bace4644f72af2e06d65
SHA256: ca1a716191a8f670286367f8344bee6d9506720eb4b6c7485bf1477c93536288
SHA512: 32056d7f7b8230e2e7c55e89a5c852ddb96b853bb9d180661dcba99f9f53e23e9fb1a7909e07f247fe9116b3ab9f84b5b0f5cb0626236bc51ced9c49923d731e
SSDEEP: 24576:YIK4j/Sb6n6cFx0PNiAoGUMkGKwa92XbbNHJmNVhpvZlWW2cdXp14i8W2heqO:rI66TU0C2XvN4NVTqW2y+
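Before doing anything with a copy of this sample, confirm it is the file the report describes. The script below is an added example, not part of the sandbox report: it recomputes every digest listed above, insists that all of them match (a lone MD5 match is not proof, since MD5 collisions are cheap), and parses the SSDEEP block size so you know which other fuzzy hashes can even be scored against this one. The hash values are copied from the General section; the file path is whatever you pass on the command line.

```python
"""Confirm a local file is the sample this report describes.

Added example; the digests are copied from the report, nothing else is from the page.
"""
import hashlib
import sys

# Copied from the report's General section.
REPORT_HASHES = {
    "md5": "ce3c2e93978895a4195d6c094f40da7b",
    "sha1": "0efb66a4f8abd84654e1bace4644f72af2e06d65",
    "sha256": "ca1a716191a8f670286367f8344bee6d9506720eb4b6c7485bf1477c93536288",
    "sha512": "32056d7f7b8230e2e7c55e89a5c852ddb96b853bb9d180661dcba99f9f53e23e9fb1a7909e07f247fe9116b3ab9f84b5b0f5cb0626236bc51ced9c49923d731e",
}
REPORT_SSDEEP = "24576:YIK4j/Sb6n6cFx0PNiAoGUMkGKwa92XbbNHJmNVhpvZlWW2cdXp14i8W2heqO:rI66TU0C2XvN4NVTqW2y+"


def digests(data: bytes, names=REPORT_HASHES) -> dict:
    """Compute every listed digest in one pass over the bytes."""
    hashers = {name: hashlib.new(name) for name in names}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Return {algorithm: matched}. Treat the file as this sample only if every
    value is True; a single matching MD5 is not enough."""
    got = digests(data, expected)
    return {name: got[name] == value.lower() for name, value in expected.items()}


def ssdeep_blocksize(signature: str) -> int:
    """An ssdeep signature is 'blocksize:chunk:double_chunk'; return the block size."""
    parts = signature.split(":")
    if len(parts) != 3 or not parts[0].isdigit():
        raise ValueError("malformed ssdeep signature: %r" % signature)
    return int(parts[0])


def ssdeep_comparable(sig_a: str, sig_b: str) -> bool:
    """ssdeep only scores two signatures whose block sizes are equal or differ by 2x;
    any other pair scores 0 regardless of content, so check this before trusting a 0."""
    a, b = ssdeep_blocksize(sig_a), ssdeep_blocksize(sig_b)
    return a == b or a == 2 * b or b == 2 * a


if __name__ == "__main__":
    with open(sys.argv[1], "rb") as f:
        result = verify(f.read())
    for name, ok in result.items():
        print("%-6s %s" % (name, "match" if ok else "MISMATCH"))
    sys.exit(0 if all(result.values()) else 1)
```

Run it as `python verify_sample.py <file>`; a non-zero exit means at least one digest differs, in which case you are looking at a different build and this report's behaviour and config may not apply.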
Static task: static1
Behavioral task: behavioral1
Sample: ca1a716191a8f670286367f8344bee6d9506720eb4b6c7485bf1477c93536288.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted family: eternity
C2 (Tor hidden service): http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion
payload_urls:
http://167.88.170.23/w993.exe
http://167.88.170.23/s101.exe
http://167.88.170.23/101.exe
http://167.88.170.23/R101.exe
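The extracted config is the most directly actionable part of this report. The following is an added example, not code from the report or from the Eternity kit: it takes the config values exactly as the sandbox prints them (including the comma-joined payload URL line), normalises them into host and URL indicators, separates the .onion C2 from the clearnet payload host, and sweeps a few log lines for whole-token matches so that 167.88.170.23 does not fire on 167.88.170.230. The log lines and their format are constructed for the demo.

```python
"""Turn the extracted Eternity config into indicators and sweep log lines for them.

Added example. Config values are those listed on the page; the log lines and
their "time src verb target" layout are constructed for the demo.
"""
import re
from urllib.parse import urlsplit

# Values as extracted on this page. The sandbox prints several payload URLs
# joined by commas on one line, which build_iocs() has to split.
EXTRACTED_CONFIG = {
    "family": "eternity",
    "c2": "http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion",
    "payload_urls": [
        "http://167.88.170.23/w993.exe",
        "http://167.88.170.23/s101.exe,http://167.88.170.23/101.exe,http://167.88.170.23/R101.exe",
    ],
}

# Constructed log lines: one hit, one near-miss, one .onion lookup, one unrelated.
SAMPLE_LOG = [
    "2022-12-02T08:31:10Z 10.0.0.15 GET http://167.88.170.23/w993.exe 200",
    "2022-12-02T08:31:12Z 10.0.0.15 GET http://167.88.170.230/index.html 200",
    "2022-12-02T08:32:01Z 10.0.0.15 DNS eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion NXDOMAIN",
    "2022-12-02T08:33:00Z 10.0.0.22 GET http://example.com/ 200",
]


def split_urls(values):
    """Yield individual URLs from entries that may be comma-joined."""
    for entry in values:
        for url in entry.split(","):
            url = url.strip()
            if url:
                yield url


def build_iocs(config):
    """Return (hosts, urls): hosts/IPs for DNS or proxy blocking, full URLs for exact matches."""
    candidates = [config["c2"], *split_urls(config["payload_urls"])]
    hosts, urls = set(), set()
    for url in candidates:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            continue  # skip anything the extractor garbled rather than block junk
        hosts.add(parts.hostname.lower())
        urls.add(url)
    return hosts, urls


def classify_host(host):
    """A .onion never resolves on a normal resolver; the lookup itself is a signal."""
    return "tor" if host.endswith(".onion") else "clearnet"


def sweep(lines, hosts):
    """Return (host, line) pairs where a host appears as a whole token, so that
    167.88.170.23 matches neither 167.88.170.230 nor 10.167.88.170.23."""
    patterns = {h: re.compile(r"(?<![\w.-])" + re.escape(h) + r"(?![\w.-])") for h in hosts}
    hits = []
    for line in lines:
        for host, pat in patterns.items():
            if pat.search(line):
                hits.append((host, line))
                break
    return hits


if __name__ == "__main__":
    hosts, urls = build_iocs(EXTRACTED_CONFIG)
    for h in sorted(hosts):
        print(classify_host(h), h)
    for host, line in sweep(SAMPLE_LOG, hosts):
        print("HIT", host, "<-", line)
```

Block the clearnet host at the proxy and alert on it at the resolver; for the .onion, the useful detection is any attempt to resolve it at all, since that only happens when Tor is not in the path.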
Targets
Target: ca1a716191a8f670286367f8344bee6d9506720eb4b6c7485bf1477c93536288
Size: 1.7MB
MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General above.
Score: 10/10
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
- Executes dropped EXE
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Suspicious use of SetThreadContext: rewriting another thread's context is typically how injected code is started in process hollowing or thread hijacking, so read this together with the dropped-EXE execution above.