General
Target: Eterna.exe
Size: 4.2MB
Sample: 230320-qypymsdg32
MD5: 4b16139ce122c3d0dc2c15a04b1d5110
SHA1: 9e3321d739ff3813e4289d6dcb177ae3beb93eb5
SHA256: 6e5f7ac150e500bc95e33a16b8a6c6a80f750145fd428b16c83ec4e6f21dc957
SHA512: 1df0388665e159f2dd26536150b2cab670d9fc7f58cf686dd074dd68875ad9f9793c5139b66bf0ea621b3c41afd2503455ee66c5b71ad9b497f29cde2b8f3b4d
SSDEEP: 98304:xIC4bj8JKA9CYVzVJnUxnwsipGxnP3c4+qrUrAqFjrYolcfEBNHA40lZf:WC4bAJPFVJnUxw3UlPcIUrAqFjEEbBNy
Behavioral task: behavioral1
Sample: Eterna.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: Eterna.exe
Resource: win10v2004-20230221-en
Malware Config
Targets
Target: Eterna.exe
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Modifies Installed Components in the registry

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Suspicious use of NtSetInformationThreadHideFromDebugger