eternity | c4ea0fcc647d3c244fb70dc5081a489fc60bbed7e5d62f622436b0331e5bd0ce | Triage

Sharing

General

Target

c4ea0fcc647d3c244fb70dc5081a489fc60bbed7e5d62f622436b0331e5bd0ce
Size

2.2MB
Sample

230805-fpxxsafg87
MD5

855358b2e478b0bc1d7ffeef2bbf6597
SHA1

f51cd947c16dd0eb64d53790fb0e65faf21fa1c4
SHA256

c4ea0fcc647d3c244fb70dc5081a489fc60bbed7e5d62f622436b0331e5bd0ce
SHA512

5a32b7ffafa3824bd4b17568f0c7005059db293b7b866f62647f464ffe907973a75eec83d7d5712cceb171c4e0596064b0d6845ff3bc77d0f38853f1ba65662c
SSDEEP

49152:jcmY/tXt2PWRs6CE3jLbO9Rs6CE3jLbOOv+m3Al6KQ7MX8OeHgGKeJPxDiOCe+Ef:UtpRs6CE3jLbO9Rs6CE3jLbOOP3TKQ71

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

Attributes

payload_urls
http://162.244.93.4/~rubin/swo.exe

Targets

- Target
  
  c4ea0fcc647d3c244fb70dc5081a489fc60bbed7e5d62f622436b0331e5bd0ce
- Size
  
  2.2MB
- MD5
  
  855358b2e478b0bc1d7ffeef2bbf6597
- SHA1
  
  f51cd947c16dd0eb64d53790fb0e65faf21fa1c4
- SHA256
  
  c4ea0fcc647d3c244fb70dc5081a489fc60bbed7e5d62f622436b0331e5bd0ce
- SHA512
  
  5a32b7ffafa3824bd4b17568f0c7005059db293b7b866f62647f464ffe907973a75eec83d7d5712cceb171c4e0596064b0d6845ff3bc77d0f38853f1ba65662c
- SSDEEP
  
  49152:jcmY/tXt2PWRs6CE3jLbO9Rs6CE3jLbOOv+m3Al6KQ7MX8OeHgGKeJPxDiOCe+Ef:UtpRs6CE3jLbO9Rs6CE3jLbOOP3TKQ71
Score

10^/10

eternity
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2