eternity | 274bda2b5a81bb6294c01e452931d1114c43beb19feb411c89e47dcf090af14d | Triage

Sharing

General

Target

09f063a7da6000faca88ed9b7299ee79.bin
Size

372KB
Sample

230311-bf8kpsga44
MD5

298dfc866630e4a3d27c7cd018e2e861
SHA1

8199d96b5249ce326f27bdbac0f4adc3c65ebc08
SHA256

274bda2b5a81bb6294c01e452931d1114c43beb19feb411c89e47dcf090af14d
SHA512

bd8b7e8eed783ae543ba8ac1dfebde64bb058afcb24cfb2ffabfaf302fc71fcf6f86f7712240089181a9a60958ec44cabd23868dbf3fc696cd2af01209819ba4
SSDEEP

6144:DmRVAUdZyqE0cZGjqNx2NcX8vbigVYRWtY1NmarkzVRD5IpAFfHhE:DgfE1LqbigRG8arkb5IpS/2

Score

10^/10

eternity discovery

Malware Config

Targets

- Target
  
  4aef1bb0ec145faaa33f717c50a412fe8af594f0bf1c203750b850535ae4dd11.exe
- Size
  
  455KB
- MD5
  
  09f063a7da6000faca88ed9b7299ee79
- SHA1
  
  31dc81a128400ee37e82fe9cef6831a6cc1f9109
- SHA256
  
  4aef1bb0ec145faaa33f717c50a412fe8af594f0bf1c203750b850535ae4dd11
- SHA512
  
  14b78151fbbf21f40d9e7b9a23c678d7b9482f002d04851d2efdc7a9a44858594c70376f68ba6744271a05e3c7402109c1b3a2c40dbd1711733de40dc9fba148
- SSDEEP
  
  12288:8dtTYK3JyOf55vMtQEVp88TNmTAWQ3rG/VtQ0:ITYKzf8tZnTNUAd+/Q0
Score

10^/10

eternity discovery
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

eternitydiscovery

behavioral2