Resubmissions

11-12-2023 22:40

231211-2lhvcaaefk 10

20-05-2023 01:00

230520-bc6lyahd59 10

General

  • Target

    141fab15a9ee48b8caadd462553dbff3.bin

  • Size

    1.8MB

  • Sample

    230520-bc6lyahd59

  • MD5

    9e61e99d136a8071ee17b6c40fce4e18

  • SHA1

    80260262aabd555e60a3e57179594515be74fee5

  • SHA256

    498664cb5f374b3185b39c05b7c0024b52f74815693da3a56a483fd3982ec295

  • SHA512

    194799d1d7523506e4fcd4928853cae1365aeca4c2342fba4c9ac2302b8f705e99b2c760ded0750239370fc681fdc4f052182d9b48bd56e06badede39a940c1e

  • SSDEEP

    49152:00WIdL6pohbDybBKO1CXT436hYs8/yW1H/tNnLo7WEs1t7j:0EdfcsO1CXTSoL8/PfnsQj

Score
10/10

Malware Config

Extracted

Family

eternity

Attributes
  • payload_urls

    http://167.88.170.23/swo/sw.exe

    http://167.88.170.23/swo/swo.exe,http://167.88.170.23/1300.exe

Targets

    • Target

      e5fa8e9899e8d56149452a34fc6bc6b66bd9c8d69a31cdb1fbf5a90e9db6a454.exe

    • Size

      2.1MB

    • MD5

      141fab15a9ee48b8caadd462553dbff3

    • SHA1

      36797395bb85f08ac5cf7eacb81c8d9ce78b3701

    • SHA256

      e5fa8e9899e8d56149452a34fc6bc6b66bd9c8d69a31cdb1fbf5a90e9db6a454

    • SHA512

      67ff417f350ba875ea4af66088e7bd9f91ee39c52ff4ad27b34526a506efbeb1a14258cca39762d87d8f98f0c6b8427ecc784fc9df4fade95d0f2b3bf86be6ca

    • SSDEEP

      49152:KFMqbjBFzfnVMDpUFvPnA4UCV1a56xd/BOEZb8v/:4M2NVfVMDpUFvmczxB4A

    Score
    10/10
    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
