General
-
Target
32d883d45ff52cbfde2ed8868c3a50c7.exe
-
Size
2.1MB
-
Sample
230313-mxtcwsca7w
-
MD5
32d883d45ff52cbfde2ed8868c3a50c7
-
SHA1
5aa654b6a616ea75370ac559df4421bf67eef265
-
SHA256
e72ba123ab2230b92c80767c89f37989b3e342b6afb61d638c4ae92192cb744f
-
SHA512
6df5e54ccfb4e7010add8db922fa5a65ddfe08142d93659830b9e5ea766dce70332834ba940b859921bdc074e2aa9697a50b16bf475ad7716c7c4a460de78d5e
-
SSDEEP
24576:gsK5rYRnE8sdMmJD9RQSyeRH9xrofiiymJWIg7MQnrhSqnfFQypfV+Dg1DzeHPTQ:hK5rYRnraMmDkMXr6JGhgef6HjP4Ng0
Behavioral task
behavioral1
Sample
32d883d45ff52cbfde2ed8868c3a50c7.exe
Resource
win7-20230220-en
Malware Config
Extracted
eternity
http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion
-
payload_urls
http://167.88.170.23/swo/sw.exe
http://167.88.170.23/swo/swo.exe
Targets
-
Target
32d883d45ff52cbfde2ed8868c3a50c7.exe
-
Eternity
Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-