eternity | 46304a058536faf4eb1f49b67b6f4571f12921ae147e110813525639d1c8a878 | Triage

Sharing

General

Target

3133a2d3553f6058630f503bf2a7a862.exe
Size

2.4MB
Sample

230329-xtsmasbc2y
MD5

3133a2d3553f6058630f503bf2a7a862
SHA1

5eee2643abcc2a3c388e456da96ea28d62ef504d
SHA256

46304a058536faf4eb1f49b67b6f4571f12921ae147e110813525639d1c8a878
SHA512

ea3bd9a605b4d6e39c954b3e027b2b675530c38634feadbf6d280ccf9bb9487295cb547985b36854146fe188066525baea4886f7477484d14db11fe1a1db919e
SSDEEP

49152:QsHEkCiuD+moCQZhHUWYfo11q33dRGyRt7:bG1QZWo11q3FRF

Score

10^/10

eternity worm

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Attributes

payload_urls
http://167.88.170.23/swo/sw.exe

http://167.88.170.23/swo/swo.exe

Targets

- Target
  
  3133a2d3553f6058630f503bf2a7a862.exe
- Size
  
  2.4MB
- MD5
  
  3133a2d3553f6058630f503bf2a7a862
- SHA1
  
  5eee2643abcc2a3c388e456da96ea28d62ef504d
- SHA256
  
  46304a058536faf4eb1f49b67b6f4571f12921ae147e110813525639d1c8a878
- SHA512
  
  ea3bd9a605b4d6e39c954b3e027b2b675530c38634feadbf6d280ccf9bb9487295cb547985b36854146fe188066525baea4886f7477484d14db11fe1a1db919e
- SSDEEP
  
  49152:QsHEkCiuD+moCQZhHUWYfo11q33dRGyRt7:bG1QZWo11q3FRF
Score

10^/10

eternity worm
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2