eternity | 2d6fe8bb8f119b7380857549c15b6d56d585c8dae37ebb7114e017afb77ff101 | Triage

Resubmissions

11/01/2023, 00:22

230111-anxmqsdh2x 10

10/01/2023, 22:17

230110-17et5shh34 10

Sharing

General

Target

2d6fe8bb8f119b7380857549c15b6d56d585c8dae37ebb7114e017afb77ff101
Size

569KB
Sample

230111-anxmqsdh2x
MD5

647d24b55fb9c781e8a2e38fc5138da4
SHA1

d3c86d3ab8706cec5e07d1076e7528d153a73c9e
SHA256

2d6fe8bb8f119b7380857549c15b6d56d585c8dae37ebb7114e017afb77ff101
SHA512

855484da3f09d1727b4033cb787295c705e0e42a9cea82a1292f1366851ae9095df6ebc0ede762133d64b3cf695179fd5a11e975844174b18373683837289ffe
SSDEEP

12288:SX/sT50ApTN1M7w5OY4zoi0mImhUIXeNd+Ln:vG0TSxY40iJaIp

Score

10^/10

eternity collection

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Targets

- Target
  
  2d6fe8bb8f119b7380857549c15b6d56d585c8dae37ebb7114e017afb77ff101
- Size
  
  569KB
- MD5
  
  647d24b55fb9c781e8a2e38fc5138da4
- SHA1
  
  d3c86d3ab8706cec5e07d1076e7528d153a73c9e
- SHA256
  
  2d6fe8bb8f119b7380857549c15b6d56d585c8dae37ebb7114e017afb77ff101
- SHA512
  
  855484da3f09d1727b4033cb787295c705e0e42a9cea82a1292f1366851ae9095df6ebc0ede762133d64b3cf695179fd5a11e975844174b18373683837289ffe
- SSDEEP
  
  12288:SX/sT50ApTN1M7w5OY4zoi0mImhUIXeNd+Ln:vG0TSxY40iJaIp
Score

10^/10

eternity collection
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Accesses Microsoft Outlook profiles
  collection
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Web Service

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

eternitycollection

behavioral2

eternitycollection