eternity | 65bd5068031a515b1ab783dffdfda01504d9b94eeb6aae4938bf7665ef472748 | Triage

Sharing

General

Target

file.exe
Size

1.5MB
Sample

230314-tdcdlaad2y
MD5

8e927abc6ac43a6637c02ecbbef15f93
SHA1

1924b436f12da17695e5367082c3ede9e3003dea
SHA256

65bd5068031a515b1ab783dffdfda01504d9b94eeb6aae4938bf7665ef472748
SHA512

dff478fc8fdba762fe85dd5b35943de5783db3df460bda5f1b239ff58469e36a4162344761d866b980920bc10cc28fce07c5d3ff8e3fcdca4f4be57bc5542f87
SSDEEP

49152:pwS3we1zgOPav416L6+0Ih+iwrO19hAeBnVmoEuGFiPYDg5jX5G:pwS3we1zlPav416LdlBVejFo75jXM

Score

10^/10

eternity worm

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Attributes

payload_urls
http://191.101.2.199/Worm.exe

http://191.101.2.199/Miner.exe, http://191.101.2.199/Clipper.exe, http://191.101.2.199/STE.exe, http://191.101.2.199/Rat.exe

Targets

- Target
  
  file.exe
- Size
  
  1.5MB
- MD5
  
  8e927abc6ac43a6637c02ecbbef15f93
- SHA1
  
  1924b436f12da17695e5367082c3ede9e3003dea
- SHA256
  
  65bd5068031a515b1ab783dffdfda01504d9b94eeb6aae4938bf7665ef472748
- SHA512
  
  dff478fc8fdba762fe85dd5b35943de5783db3df460bda5f1b239ff58469e36a4162344761d866b980920bc10cc28fce07c5d3ff8e3fcdca4f4be57bc5542f87
- SSDEEP
  
  49152:pwS3we1zgOPav416L6+0Ih+iwrO19hAeBnVmoEuGFiPYDg5jX5G:pwS3we1zlPav416LdlBVejFo75jXM
Score

10^/10

eternity worm
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2