General

  • Target

    tmp

  • Size

    2.1MB

  • Sample

    230519-fctdtsfb73

  • MD5

    141fab15a9ee48b8caadd462553dbff3

  • SHA1

    36797395bb85f08ac5cf7eacb81c8d9ce78b3701

  • SHA256

    e5fa8e9899e8d56149452a34fc6bc6b66bd9c8d69a31cdb1fbf5a90e9db6a454

  • SHA512

    67ff417f350ba875ea4af66088e7bd9f91ee39c52ff4ad27b34526a506efbeb1a14258cca39762d87d8f98f0c6b8427ecc784fc9df4fade95d0f2b3bf86be6ca

  • SSDEEP

    49152:KFMqbjBFzfnVMDpUFvPnA4UCV1a56xd/BOEZb8v/:4M2NVfVMDpUFvmczxB4A

Score
10/10

Malware Config

Extracted

Family

eternity

Attributes
  • payload_urls

    http://167.88.170.23/swo/sw.exe

    http://167.88.170.23/swo/swo.exe,http://167.88.170.23/1300.exe

Targets

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
