eternity | eternity[.]exe | Triage

Sharing

General

Target

eternity.exe
Size

349KB
MD5

5eea7412789d4a9e83d3113ab358718c
SHA1

f974336083787f1a43801b95ad4a2f13217ec363
SHA256

31c77d6590617cb3676c0d976b78db1c41bd7fe25d8b00d366afc27dcc96c832
SHA512

5888bec3476d5bf63bec50b946dab334ddf9918049a9270fbb86c819f839eb50172371aa61b72aaa77c6800fd2fb8b2af1ecc594f7c4e183b49df820b94e9af9
SSDEEP

6144:3izwGnXj4tQvrzi/BymkfuauSOq1kSRKbz3Tqazj1dFYfjrSLKPRbMLxRBV:3izwGXj4tQvrzipGRKbz3TqK1DFKPCf

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Signatures

Eternity family
eternity

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eternity.exe

Files

eternity.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 335KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ