eternity | 0ae10937cec301f6d6383396ab1261e5c0726d9b4087511dfc21440fcb58d15c | Triage

Sharing

General

Target

0ae10937cec301f6d6383396ab1261e5c0726d9b4087511dfc21440fcb58d15c
Size

2.1MB
Sample

230810-fejx6sbe7z
MD5

2473e74dc2fdc9d391c9a0b08e79301e
SHA1

156f87d038c811c8937d6b78436f25300a555e26
SHA256

0ae10937cec301f6d6383396ab1261e5c0726d9b4087511dfc21440fcb58d15c
SHA512

498c85d87734ad07b8a3d37f7911d31206c4dfd99e983c8d86410cc14fbaae4ebd523032d1c025407dc9ffcc7cbbeef348f20e58fa63aeb34ed54073f52788aa
SSDEEP

49152://LRs6CE3jLbO9Rs6CE3jLbOGHazvh+dHK0SPyZ9C0lpnQwXiFa6Oyy42://LRs6CE3jLbO9Rs6CE3jLbOoazvh+5n

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

Attributes

payload_urls
http://162.244.93.4/~rubin/swo.exe

Targets

- Target
  
  0ae10937cec301f6d6383396ab1261e5c0726d9b4087511dfc21440fcb58d15c
- Size
  
  2.1MB
- MD5
  
  2473e74dc2fdc9d391c9a0b08e79301e
- SHA1
  
  156f87d038c811c8937d6b78436f25300a555e26
- SHA256
  
  0ae10937cec301f6d6383396ab1261e5c0726d9b4087511dfc21440fcb58d15c
- SHA512
  
  498c85d87734ad07b8a3d37f7911d31206c4dfd99e983c8d86410cc14fbaae4ebd523032d1c025407dc9ffcc7cbbeef348f20e58fa63aeb34ed54073f52788aa
- SSDEEP
  
  49152://LRs6CE3jLbO9Rs6CE3jLbOGHazvh+dHK0SPyZ9C0lpnQwXiFa6Oyy42://LRs6CE3jLbO9Rs6CE3jLbOoazvh+5n
Score

10^/10

eternity
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2