Extracted

• • Target

    file.exe

  • Size

    697KB

  • MD5

    fde00f70af28ca030e187b4296a0d847

  • SHA1

    90eb44a2c6cce5616c54132ea7a21e3fd8b2b031

  • SHA256

    a2c66d09bd02479db162d23d0c01747f726aa587a8f87aa5f74ed47930433287

  • SHA512

    b8e7bcaf133e12b48f2c7cb087a62fdce7de4ac8dd33c1fc49e391d58597bcf9aee69a43a9a20c76725eb4b159b97b781252964fe668ef1c951d1841dbb9bebc

  • SSDEEP

    12288:Uc2dNqdhRtuZGNgWd4NeF3l8ZGFexsA+fBTy9eo1dQKQp:Uc2dAdftu0TB1PbSQp

  Score

  10^/10

  eternitycollection

  • Eternity

    Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    eternity

  • Executes dropped EXE

  • Loads dropped DLL

  • Uses the VBS compiler for execution

  • Accesses Microsoft Outlook profiles

    collection

  • Legitimate hosting services abused for malware hosting/C2

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2