eternity | 5d5ba4fa49441043304c8ef33dd2237d3c1e1272ef520e3c32eb936859984b15 | Triage

Sharing

General

Target

141d5ee26277cbb0ad9eb4c9177ca5bc.exe
Size

2.4MB
Sample

230328-hzdm1ahe68
MD5

141d5ee26277cbb0ad9eb4c9177ca5bc
SHA1

09855e71961ae15940c158febc4d49c22b3d69c4
SHA256

5d5ba4fa49441043304c8ef33dd2237d3c1e1272ef520e3c32eb936859984b15
SHA512

210cb1e1149e66350b9c63d4670e8448fd2bcf49d75a3138c95440f5a9dd20a63cdc9adacd4c47017c4b21b4fd2dcef95d7aab87e3245496b466b33553ed492f
SSDEEP

49152:PCyMiuD+moCQZhHUWYfo11q33dRGyRt7:dG1QZWo11q3FRF

Score

10^/10

eternity worm

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Attributes

payload_urls
http://167.88.170.23/swo/sw.exe

http://167.88.170.23/swo/swo.exe

Targets

- Target
  
  141d5ee26277cbb0ad9eb4c9177ca5bc.exe
- Size
  
  2.4MB
- MD5
  
  141d5ee26277cbb0ad9eb4c9177ca5bc
- SHA1
  
  09855e71961ae15940c158febc4d49c22b3d69c4
- SHA256
  
  5d5ba4fa49441043304c8ef33dd2237d3c1e1272ef520e3c32eb936859984b15
- SHA512
  
  210cb1e1149e66350b9c63d4670e8448fd2bcf49d75a3138c95440f5a9dd20a63cdc9adacd4c47017c4b21b4fd2dcef95d7aab87e3245496b466b33553ed492f
- SSDEEP
  
  49152:PCyMiuD+moCQZhHUWYfo11q33dRGyRt7:dG1QZWo11q3FRF
Score

10^/10

eternity worm
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2