eternity | 4c0f274e3694fbabe53bf4160108b37353cbe110eab6effadfad8dc1f868d49e | Triage

Sharing

General

Target

4c0f274e3694fbabe53bf4160108b37353cbe110eab6effadfad8dc1f868d49e
Size

2.4MB
Sample

230521-zdyjqafb6z
MD5

0fcabff10f0b3659aecdcb536e685377
SHA1

fd1f72d74a65ea4f71fbe98acf5a6a84398632b8
SHA256

4c0f274e3694fbabe53bf4160108b37353cbe110eab6effadfad8dc1f868d49e
SHA512

eef91dd06cdb75e84b22d0757af20aeae0a700809d0d217cbb2437566acee101397d93a5617ccbea83896f5c4df79b80306a967de467a320b763b6219c82642a
SSDEEP

24576:FCXYEopBLD+2pIRPAo+V0z68WEZYcsl12gwpU7ng4QLCKnv8hfiF+IoHOWZ2wvxI:SFnPAo+S28BZY3lgg97ngB+KIIoHOWD

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

Attributes

payload_urls
http://167.88.170.23/swo/sw.exe

http://167.88.170.23/swo/swo.exe,http://167.88.170.23/1300.exe

Targets

- Target
  
  4c0f274e3694fbabe53bf4160108b37353cbe110eab6effadfad8dc1f868d49e
- Size
  
  2.4MB
- MD5
  
  0fcabff10f0b3659aecdcb536e685377
- SHA1
  
  fd1f72d74a65ea4f71fbe98acf5a6a84398632b8
- SHA256
  
  4c0f274e3694fbabe53bf4160108b37353cbe110eab6effadfad8dc1f868d49e
- SHA512
  
  eef91dd06cdb75e84b22d0757af20aeae0a700809d0d217cbb2437566acee101397d93a5617ccbea83896f5c4df79b80306a967de467a320b763b6219c82642a
- SSDEEP
  
  24576:FCXYEopBLD+2pIRPAo+V0z68WEZYcsl12gwpU7ng4QLCKnv8hfiF+IoHOWZ2wvxI:SFnPAo+S28BZY3lgg97ngB+KIIoHOWD
Score

10^/10

eternity
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1