General
-
Target
lbcr.exe
-
Size
347KB
-
Sample
230120-d9xfmsfb89
-
MD5
dafc8e7ccd381af36f19267a2a9b3f9b
-
SHA1
742c9021f4f0fb264c32a59a66e3ac514b8e166b
-
SHA256
3cded3354fbcfaad7112c599b3622680a632e601602ea4f5faa07a6bcc8cbeaf
-
SHA512
70779917d042e4dc65dbac4fda2f521721f9deb42e67e4cfe3eb3a82ff508da3303b96e71bff37b2e95f51d8be7fc6e8987bb0244bd6d2be857c0e0bd44bfa4e
-
SSDEEP
6144:58CS6KWJ0XJWcPZ1PiqbeiS8XDMs9HHCUA:KC9IgWrPiN0YEHHFA
Static task
static1
Behavioral task
behavioral1
Sample
lbcr.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
lbcr.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
lbcr.exe
-
Size
347KB
-
MD5
dafc8e7ccd381af36f19267a2a9b3f9b
-
SHA1
742c9021f4f0fb264c32a59a66e3ac514b8e166b
-
SHA256
3cded3354fbcfaad7112c599b3622680a632e601602ea4f5faa07a6bcc8cbeaf
-
SHA512
70779917d042e4dc65dbac4fda2f521721f9deb42e67e4cfe3eb3a82ff508da3303b96e71bff37b2e95f51d8be7fc6e8987bb0244bd6d2be857c0e0bd44bfa4e
-
SSDEEP
6144:58CS6KWJ0XJWcPZ1PiqbeiS8XDMs9HHCUA:KC9IgWrPiN0YEHHFA
Score10/10-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-