eternity | 23f09d9012c25fbba5f04b0648379e4c8a42ce2a2c30beffe4532b712907e1ef | Triage

Sharing

General

Target

a68ccf819e65e63c220113ba45c1a13b.exe
Size

2.4MB
Sample

230405-qgndgsgh2t
MD5

a68ccf819e65e63c220113ba45c1a13b
SHA1

8a410c54db44221acbb341815d49109594b50300
SHA256

23f09d9012c25fbba5f04b0648379e4c8a42ce2a2c30beffe4532b712907e1ef
SHA512

1262e12b48f0a471e8da2b470facc387813a1dd92c99e5f2e8fa550c16a1ba3f8c835ff6678bf7f5c4f9986b37e722b78835230d90f63bae6d8ea7f4f3f4f6fe
SSDEEP

24576:HfUxAfB9iuK++moKnfNIGQaK83uHU/uYfo11qis3s4b+6GIAANEN2tXL6Y3TEhi2:DLiuD+moCQZhHUWYfo11q33dRGyRt7

Score

10^/10

eternity worm

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Attributes

payload_urls
http://167.88.170.23/swo/sw.exe

http://167.88.170.23/swo/swo.exe

Targets

- Target
  
  a68ccf819e65e63c220113ba45c1a13b.exe
- Size
  
  2.4MB
- MD5
  
  a68ccf819e65e63c220113ba45c1a13b
- SHA1
  
  8a410c54db44221acbb341815d49109594b50300
- SHA256
  
  23f09d9012c25fbba5f04b0648379e4c8a42ce2a2c30beffe4532b712907e1ef
- SHA512
  
  1262e12b48f0a471e8da2b470facc387813a1dd92c99e5f2e8fa550c16a1ba3f8c835ff6678bf7f5c4f9986b37e722b78835230d90f63bae6d8ea7f4f3f4f6fe
- SSDEEP
  
  24576:HfUxAfB9iuK++moKnfNIGQaK83uHU/uYfo11qis3s4b+6GIAANEN2tXL6Y3TEhi2:DLiuD+moCQZhHUWYfo11q33dRGyRt7
Score

10^/10

eternity worm
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2