General

  • Target

    INVOICE-7141.JPEG.vbs

  • Size

    448KB

  • Sample

    230208-mdm2rshg6s

  • MD5

    6b706c27af192877a7a5c18e5d5333ed

  • SHA1

    9e495be0251a70a66b2aa9d1343894662e0870da

  • SHA256

    1aa3321c7e05114a5e58a78fdd743d46e32b09769ee53b487bd0c3a6193386e3

  • SHA512

    28c99beb920653bdc33247f6084d52c403819606f5550dc2f16960107756705313b03ec3a0207bd73bc33df4801786e891c97da960bdb43d4e776baeaac8772b

  • SSDEEP

    6144:nF6Fv7Z2YncQOPd6sb38ZCpzCC5vrBEtRqG22BgA7EDfXDcmW7EFUBB:nFSncQMb8MwoNEtgG22BgA4bzcmOlB

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Targets

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Accesses Microsoft Outlook profiles

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks