eternity | e6364f5b8d47b4fb6ea6fbebdf82495252c3bc94a93c98d53574ab89cc871695 | Triage

Sharing

General

Target

9247803ef08a9aaaa9c9f4595d5946e0.bin
Size

1.8MB
Sample

230522-bxjmxadd34
MD5

ac690d9c4e56fb799cd6f6794969d2aa
SHA1

cb9bd4e82216b16ad3ad098da0c19daeda772d41
SHA256

e6364f5b8d47b4fb6ea6fbebdf82495252c3bc94a93c98d53574ab89cc871695
SHA512

4f3c08e51d98a7999a3f3997745c2c9efd807d4b7230f391e562fd2bca4915428431732227b2485b1784fb17db0e26070cf7a8a258fac768af03d8b920a3b7e7
SSDEEP

49152:ny/ajvVmYZve025dOGx4DpglM2ogBcx8Lk:nLrVmYZH25kGyEoO4

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

Attributes

payload_urls
http://167.88.170.23/swo/sw.exe

http://167.88.170.23/swo/swo.exe,http://167.88.170.23/1300.exe

Targets

- Target
  
  c87944569ee3472607f5c02b5d249c6d817de90c4c143349a0905b2a8c6284ef.exe
- Size
  
  2.1MB
- MD5
  
  9247803ef08a9aaaa9c9f4595d5946e0
- SHA1
  
  774ec9e0cdfe0816703960039e0a21af5dd94b46
- SHA256
  
  c87944569ee3472607f5c02b5d249c6d817de90c4c143349a0905b2a8c6284ef
- SHA512
  
  245d9289daa37eb287c3de3ac2b621104415907d4b3bdc08ba47ed90fd7c51fafd29c0439f44e81ce22941f9393eb92d1359fa4a79c8a78261174e515c5f4abf
- SSDEEP
  
  49152:IlCF2ZorKJtQvwAqyoWNN1HdFvo9ZYPWp6:39wAqyoW93voZYPz
Score

10^/10

eternity
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2