General
-
Target
9b126111b5de49830186c2828d3feb041172364a8eb5c95b4205aed9570a0fea
-
Size
2.1MB
-
Sample
221206-s12fkadh7t
-
MD5
0f925eacf232e2c212c0fd5ec130faf2
-
SHA1
3a165b24ccc6779712104317bcfa00179f5f3fff
-
SHA256
9b126111b5de49830186c2828d3feb041172364a8eb5c95b4205aed9570a0fea
-
SHA512
da6fdc705ca3d5d6b079744de4f7bb426df9c04280cbbd4466d3c5ce3ad117ee18bcfeaaaf339e71fbb09dc7634a13d204ae8f3648a8f1294225cd2e2e9e4311
-
SSDEEP
49152:jvFkZf+5yFXfXDLV+0EgDHMj1kQCrZgt7/U9QJQDkLqD2ZT:mEytXfVxIeQwP9okRDY
Malware Config
Extracted
eternity
http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion
-
payload_urls
http://167.88.170.23/w993.exe
http://167.88.170.23/s101.exe,http://167.88.170.23/101.exe,http://167.88.170.23/R101.exe
Targets
-
-
Target
9b126111b5de49830186c2828d3feb041172364a8eb5c95b4205aed9570a0fea
-
Size
2.1MB
-
MD5
0f925eacf232e2c212c0fd5ec130faf2
-
SHA1
3a165b24ccc6779712104317bcfa00179f5f3fff
-
SHA256
9b126111b5de49830186c2828d3feb041172364a8eb5c95b4205aed9570a0fea
-
SHA512
da6fdc705ca3d5d6b079744de4f7bb426df9c04280cbbd4466d3c5ce3ad117ee18bcfeaaaf339e71fbb09dc7634a13d204ae8f3648a8f1294225cd2e2e9e4311
-
SSDEEP
49152:jvFkZf+5yFXfXDLV+0EgDHMj1kQCrZgt7/U9QJQDkLqD2ZT:mEytXfVxIeQwP9okRDY
Score10/10-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-