eternity | 95c8457d231c9d28ead95f7cd8032a0049663b5540582874bb4a1937cd0870d0 | Triage

Resubmissions

28-06-2023 00:18

230628-al49ssfg72 10

28-06-2023 00:07

230628-aeeqkagg5z 10

Sharing

General

Target

95c8457d231c9d28ead95f7cd8032a0049663b5540582874bb4a1937cd0870d0
Size

2.2MB
Sample

230628-aeeqkagg5z
MD5

18434574bc13a42141f4657759898410
SHA1

a02eefcba33a8d3e8bd3627d923381bf1dfd0920
SHA256

95c8457d231c9d28ead95f7cd8032a0049663b5540582874bb4a1937cd0870d0
SHA512

434015561e0ffb381003b715ecd539e19bdccf02ac9edb9c6a3bdc2da84bbc4ce2eea471188b89f41393d6e72596d00ceec43e159dc2ccfff778372a4bcecc98
SSDEEP

49152:TIoiAdWAwUYIzJlDrobOuvZxyP6JeY+s4t+XuoPhSgfgGNmGhquX:XjdMcjnobOAy5Y+A3fzNbP

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

Attributes

payload_urls
http://162.244.93.4/~rubin/swo.exe

Targets

- Target
  
  95c8457d231c9d28ead95f7cd8032a0049663b5540582874bb4a1937cd0870d0
- Size
  
  2.2MB
- MD5
  
  18434574bc13a42141f4657759898410
- SHA1
  
  a02eefcba33a8d3e8bd3627d923381bf1dfd0920
- SHA256
  
  95c8457d231c9d28ead95f7cd8032a0049663b5540582874bb4a1937cd0870d0
- SHA512
  
  434015561e0ffb381003b715ecd539e19bdccf02ac9edb9c6a3bdc2da84bbc4ce2eea471188b89f41393d6e72596d00ceec43e159dc2ccfff778372a4bcecc98
- SSDEEP
  
  49152:TIoiAdWAwUYIzJlDrobOuvZxyP6JeY+s4t+XuoPhSgfgGNmGhquX:XjdMcjnobOAy5Y+A3fzNbP
Score

10^/10

eternity
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2