Behavioral task: behavioral1
Sample: 1984-1265-0x0000000000090000-0x00000000000EA000-memory.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: 1984-1265-0x0000000000090000-0x00000000000EA000-memory.exe
Resource: win10v2004-20231130-en
General
Target: 1984-1265-0x0000000000090000-0x00000000000EA000-memory.dmp
Size: 360KB
MD5: 1d86d9e028118f5951f896bba7487460
SHA1: fff41effd8102702050a3ccac29e3dd07b5bc3de
SHA256: 3ce418f821c7818bc7513e2838a8a494283f1bc5da21ef2ce63fe275cde1b53f
SHA512: 7ca4c15a95a41cfe4148f3ea284e11cadafa47144a2791bd55fba3ebb8ad0c2864d020b59baed1a5979a1334861ffdeb61ab227d1f42f2ee933027da334c3043
SSDEEP: 6144:FW/z9Ns6TbumkfuauSOqT9ajH4GuK2cTCbLEG8ENa654jEbD:FW/z9Ns6TbzjH4GuKPCHEw4j
Malware Config
Extracted
eternity
http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion
Signatures
Eternity family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1984-1265-0x0000000000090000-0x00000000000EA000-memory.dmp
Files
1984-1265-0x0000000000090000-0x00000000000EA000-memory.dmp.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 335KB - Virtual size: 335KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ