General

  • Target

    new request.exe

  • Size

    673KB

  • Sample

    231120-1g9xlaad62

  • MD5

    86b8d16de595cd4af053a7a04023ff08

  • SHA1

    5ab258b49561d90ba48d29554d6b0e3919ee8be1

  • SHA256

    4f20841d200433a3fef4ea9392ce773b29a3cf605f3ee020c21c43199ff0b74c

  • SHA512

    0c1bff788fedc93722c86246c2856da634631e19616b33b74bfa465c429376e1e356161f8b7bb5788347a10d7a2838e42f777c09549be0df57dc42ef2709d6d7

  • SSDEEP

    12288:CDKtNqEvMCyZcTJ0oJFLHqewyC1/tpiFAvVRPn6Cts7:eKjjYqy+V9wDRtpoAPCCts7
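The four hashes above identify the same 673KB file; when checking a suspected copy of "new request.exe", all of them should agree. The following is an added example (not part of the sandbox report) that computes every listed digest in one pass over the file and classifies the result, treating a partial match as an inconsistent IOC set rather than a hit. Only the hash values are taken from the report; the function names and the chunk size are this example's own.

```python
"""Check a file against the hashes listed in this report (added example, not sandbox output)."""
import hashlib
import io
from typing import BinaryIO, Dict

# Hash values copied from the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "86b8d16de595cd4af053a7a04023ff08",
    "sha1": "5ab258b49561d90ba48d29554d6b0e3919ee8be1",
    "sha256": "4f20841d200433a3fef4ea9392ce773b29a3cf605f3ee020c21c43199ff0b74c",
    "sha512": "0c1bff788fedc93722c86246c2856da634631e19616b33b74bfa465c429376e1e"
              "356161f8b7bb5788347a10d7a2838e42f777c09549be0df57dc42ef2709d6d7",
}

CHUNK = 1 << 20  # assumed read size: 1 MiB chunks so large samples never sit fully in memory


def digest_stream(stream: BinaryIO) -> Dict[str, str]:
    """Compute md5/sha1/sha256/sha512 in a single pass, feeding each chunk to every hasher."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    while True:
        block = stream.read(CHUNK)
        if not block:
            break
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> Dict[str, str]:
    return digest_stream(io.BytesIO(data))


def digest_file(path: str) -> Dict[str, str]:
    with open(path, "rb") as f:
        return digest_stream(f)


def compare_to_report(digests: Dict[str, str],
                      expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Per-algorithm match result; compared case-insensitively since reports mix cases."""
    return {name: digests[name].lower() == expected[name].lower() for name in expected}


def classify(results: Dict[str, bool]) -> str:
    """'match' when every digest agrees, 'no-match' when none do, 'inconsistent' otherwise.

    A partial match means the IOC set was copied wrongly or describes a different
    file; it must not be treated as a confirmed hit on this sample."""
    hits = sum(results.values())
    if hits == len(results):
        return "match"
    if hits == 0:
        return "no-match"
    return "inconsistent"


if __name__ == "__main__":
    import sys
    results = compare_to_report(digest_file(sys.argv[1]))
    print(classify(results), results)
```

Run it as `python check_hashes.py "new request.exe"`; the SSDEEP value from the report is not checked here because it needs the separate ssdeep library and only gives a similarity score, not an identity match.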

Malware Config

Extracted

Family

eternity

C2

http://izrukvro5khcol3z7cvvdq3akeunlod2gshgn7ppo3a4jvse3z5hpiyd.onion

Targets

    • Target

      new request.exe


    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Accesses Microsoft Outlook profiles

    • Adds Run key to start application

      Values under HKCU or HKLM \Software\Microsoft\Windows\CurrentVersion\Run are executed at every user logon, which gives the sample persistence across reboots.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

      SetThreadContext is a legitimate debugger API, but malware uses it to redirect a suspended thread to injected code (process hollowing and related injection techniques).
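Three of the behaviours above (the Run key write, the external IP lookup and contact with the .onion C2 from the Malware Config section) are visible in ordinary host telemetry. The following is an added example, not part of the sandbox report, that applies those three signatures to a handful of constructed Sysmon-style events. The C2 address is the one the report extracted; the list of IP-lookup services is an assumption (the report does not say which service the sample used), and the event layout, rule names and severities are this example's own.

```python
"""Triage host events against the report's behavioural signatures (added example)."""
import re
from typing import Dict, List

# C2 address copied from the report's Malware Config section.
REPORT_C2 = "izrukvro5khcol3z7cvvdq3akeunlod2gshgn7ppo3a4jvse3z5hpiyd.onion"

# Assumed: commonly abused public IP-echo services; the report does not name the one used.
IP_LOOKUP_HOSTS = {"api.ipify.org", "icanhazip.com", "ifconfig.me",
                   "checkip.amazonaws.com", "ip-api.com"}

RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
# Paths an unprivileged user can write to; a Run value launched from here is the stealer pattern.
USER_WRITABLE = re.compile(r"\\Users\\[^\\]+\\|\\Temp\\", re.IGNORECASE)

# Constructed Sysmon-like events, not real telemetry.
# event_id 13 = registry value set, 22 = DNS query, 3 = network connection.
SAMPLE_EVENTS = [
    {"event_id": 13, "image": r"C:\Users\u\Downloads\new request.exe",
     "target": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "details": r"C:\Users\u\AppData\Roaming\Updater.exe"},
    {"event_id": 22, "image": r"C:\Users\u\Downloads\new request.exe", "query": "api.ipify.org"},
    {"event_id": 22, "image": r"C:\Windows\explorer.exe", "query": "www.microsoft.com"},
    {"event_id": 3, "image": r"C:\Users\u\Downloads\new request.exe",
     "dest_host": REPORT_C2, "dest_port": 80},
    {"event_id": 13, "image": r"C:\Windows\regedit.exe",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
     "details": r"C:\Program Files\Vendor\tray.exe"},
]

Finding = Dict[str, str]


def check_event(ev: Dict) -> List[Finding]:
    """Apply the report's signatures to one event and return zero or more findings."""
    findings: List[Finding] = []
    image = ev.get("image", "")

    # 'Adds Run key to start application': a value set under Run/RunOnce.
    # Installers do this too, so severity depends on whether the writer or the
    # launched binary lives in a user-writable location.
    if ev["event_id"] == 13 and RUN_KEY.search(ev.get("target", "")):
        launched = ev.get("details", "")
        sev = "high" if USER_WRITABLE.search(image) or USER_WRITABLE.search(launched) else "low"
        findings.append({"rule": "persistence", "severity": sev,
                         "detail": f"{image} set {ev['target']} -> {launched}"})

    # 'Looks up external IP address via web service': DNS query for an IP-echo host.
    query = ev.get("query", "").lower()
    if ev["event_id"] == 22 and query in IP_LOOKUP_HOSTS:
        findings.append({"rule": "ip-lookup", "severity": "medium",
                         "detail": f"{image} resolved {query}"})

    # C2: any connection or query naming the report's .onion address, or any .onion at all.
    host = (ev.get("dest_host") or query or "").lower()
    if host == REPORT_C2:
        findings.append({"rule": "c2", "severity": "critical",
                         "detail": f"{image} contacted known Eternity C2 {host}"})
    elif host.endswith(".onion"):
        findings.append({"rule": "tor", "severity": "high",
                         "detail": f"{image} named .onion host {host}"})
    return findings


def triage(events) -> List[Finding]:
    return [f for ev in events for f in check_event(ev)]


if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"[{f['severity']}] {f['rule']}: {f['detail']}")
```

The report does not say how the sample reaches the .onion address. A process cannot connect to a .onion name through the normal resolver, so in real telemetry the observable form is either a bundled Tor client making outbound connections on its own, or a connection to a Tor-to-web gateway; the .onion match above therefore applies to proxy and sandbox logs that record the requested hostname rather than to plain DNS.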
