Extracted

• • Target

    37c93873f34ffd989ab354eb535bb56b3fb997835c1ec6be7c2219217d8cefbe

  • Size

    272.5MB

  • MD5

    288f11cbc24d805ab059c0fd18b0beb3

  • SHA1

    88a529879a7726a6a4ea96c02f5e49ab884e3f1f

  • SHA256

    37c93873f34ffd989ab354eb535bb56b3fb997835c1ec6be7c2219217d8cefbe

  • SHA512

    422892f79e37b9786ba0883b9e060b5cdefaf6e137dda2efd9ad10de0e211f53e8a076810bd89b9ee40d5f6c4cb85d20ef8711492e43f2adf67aec58607d06f1

  • SSDEEP

    6144:qkE/XiFlYwesDZ9qBP9xjWUxA1eW+qKbLxn604WwMDu9XzQMat/dfJE3aaTRSaGf:z7Fbmd2Msc/WEPjTLTiXpFPZe

  Score

  10^/10

  eternitycollection

  • Eternity

    Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    eternity

  • Uses the VBS compiler for execution

  • Accesses Microsoft Outlook profiles

    collection

  • Legitimate hosting services abused for malware hosting/C2

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2