eternity | 8208c61fb8ae7da93969954ea176ed3730310c2c99d1199094a2cffa491cb23c | Triage

Sharing

General

Target

8208c61fb8ae7da93969954ea176ed3730310c2c99d1199094a2cffa491cb23c
Size

1.4MB
Sample

230808-emw22aad94
MD5

88ad6b11165e045a4b03a6eec6546c31
SHA1

b16a4d87ad03557d72b162a26f66bfdc43c855c6
SHA256

8208c61fb8ae7da93969954ea176ed3730310c2c99d1199094a2cffa491cb23c
SHA512

e4e34af5fe2cd0fd1a4d969c4b86ccb9763cc97931da1d73171c293eb888b6d2e45022667a1482e4a1625b117e8b579ac47d6398f362f9e4066f1841a57551aa
SSDEEP

24576:iyMtE3yw022MWRrGWOK+0QLTW/NdJrrGWU9G5EvsJ/1nWoBRFmpPvwuM8+re:U23ywWTr+k/NdJeaEvO/HBPmQuMBre

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

Attributes

payload_urls
http://162.244.93.4/~rubin/swo.exe

Targets

- Target
  
  8208c61fb8ae7da93969954ea176ed3730310c2c99d1199094a2cffa491cb23c
- Size
  
  1.4MB
- MD5
  
  88ad6b11165e045a4b03a6eec6546c31
- SHA1
  
  b16a4d87ad03557d72b162a26f66bfdc43c855c6
- SHA256
  
  8208c61fb8ae7da93969954ea176ed3730310c2c99d1199094a2cffa491cb23c
- SHA512
  
  e4e34af5fe2cd0fd1a4d969c4b86ccb9763cc97931da1d73171c293eb888b6d2e45022667a1482e4a1625b117e8b579ac47d6398f362f9e4066f1841a57551aa
- SSDEEP
  
  24576:iyMtE3yw022MWRrGWOK+0QLTW/NdJrrGWU9G5EvsJ/1nWoBRFmpPvwuM8+re:U23ywWTr+k/NdJeaEvO/HBPmQuMBre
Score

10^/10

eternity
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scripting

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Scripting

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2