General

  • Target

    Ransomware.exe

  • Size

    114KB

  • Sample

    230324-qjr5fsge9s

  • MD5

    5f4b0475c50266443e5d50ed496912ef

  • SHA1

    6e97a7131a9285e3a182e739017e5bde4548f6dd

  • SHA256

    d8f5f009931fd90779977cf627be88062fa857ec2c40d49d7a48fcf066e76aca

  • SHA512

    c1b90ce4944aa6bf30ff1a873bc8ed54f02ea5d9a8e5719665ff38780ba7d29c8d5fb5a4c8caae6fd39f06dcd56aaebb47d9ae9276c8455b93d5f9f1c485412e

  • SSDEEP

    3072:CYI6FRm+tAaSEpuCzUxkiVdwbCH5GzcZji:CrmttxnuCzuvdwbm5GzcZ

Targets

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Disables Task Manager via registry modification

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Sets desktop wallpaper using registry
