22bc4b5016608133dbd677487f835550

Sharing

Copy URL Twitter E-mail

General

Target

22bc4b5016608133dbd677487f835550
Size

1.2MB
MD5

22bc4b5016608133dbd677487f835550
SHA1

c8c5bdbaac79e61a5aa8cbd0c128aa82bb1ebe35
SHA256

9342a46b1aa3f49b6d7996a37c972a17e01f51df537deff2b2fceeca9cf17df4
SHA512

68f681a906c8eaa8f7ab338b2a95bbca3807cdc65f48037a329a1b76eff99781c64a13adf83983798a5e7da7ea5b9dd95f9f637a84a78e21d7555c7db70fcb91
SSDEEP

24576:FqteZt7iz/ZKkLp3x1tXy4K5XyU2AZWYW8I8AZxqoc/ZCOwynxhqKz:wteZt7WKSxx1U7XyU2EVcZxEemxk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Eternity.cc V15/DLL + INJECTOR/Eternity.cc.dll
unpack001/Eternity.cc V15/DLL + INJECTOR/RandoInjector.exe

Files

22bc4b5016608133dbd677487f835550
.zip
#INFINITY.txt
Eternity.cc V15/CFG/legit.cfg
Eternity.cc V15/CFG/mmhvh.cfg
Eternity.cc V15/CFG/rage.cfg
Eternity.cc V15/CFG/where does cfg go.txt
Eternity.cc V15/DLL + INJECTOR/Eternity.cc.dll
.dll windows:6 windows x86 arch:x86

cc48d6177c294a2768b008cd980076b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA

kernel32

InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcess
GetModuleHandleA
K32GetModuleInformation
VirtualProtect
Sleep
CreateThread
DisableThreadLibraryCalls
FreeLibraryAndExitThread
GetProcAddress
GetModuleHandleW
MultiByteToWideChar
Beep
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
CloseHandle

user32

GetAsyncKeyState
GetCursorPos
CallWindowProcA
SetWindowLongA
FindWindowA
GetKeyState

msvcp140

?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
_Xtime_get_ticks
_Thrd_sleep
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
??Bid@locale@std@@QAEIXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

vcruntime140

_CxxThrowException
memcmp
_purecall
memcpy
__CxxFrameHandler3
memset
strstr
__std_exception_copy
__std_type_info_destroy_list
strchr
_except_handler4_common
memmove
__std_exception_destroy

api-ms-win-crt-string-l1-1-0

strlen
strncmp
wcslen
isspace
isdigit
isalpha
strcmp

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-math-l1-1-0

fabs
atan
pow
sqrt
fmaxf
cos
roundf
fminf
ceil
sin
atan2
_fdtest
fmod
_except1

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
terminate
_initterm_e
_cexit
_invalid_parameter_noinfo_noreturn
_initterm
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment

api-ms-win-crt-convert-l1-1-0

atoi
atof
mbstowcs_s

api-ms-win-crt-stdio-l1-1-0

setvbuf
fwrite
_fseeki64
fsetpos
fputc
fgetpos
fflush
_get_stream_buffer_pointers
__stdio_common_vsprintf
__stdio_common_vsnprintf_s
__stdio_common_vfprintf
ungetc
ftell
__stdio_common_vsprintf_s
__acrt_iob_func
fopen_s
fseek
fread
fgetc
ferror
fclose

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-time-l1-1-0

_time64
clock
strftime
_localtime64

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

Sections

.text
Size: 473KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Eternity.cc V15/DLL + INJECTOR/How to use.txt
Eternity.cc V15/DLL + INJECTOR/RandoInjector.exe
.exe windows:6 windows x86 arch:x86

01172b6824b53dc0290de5d851cce0b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
CloseHandle
CreateRemoteThread
OpenProcess
VirtualAllocEx
WriteProcessMemory
LoadLibraryA
CreateToolhelp32Snapshot
Process32Next
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
GetACP
HeapFree
HeapAlloc
GetCurrentThread
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
GetFileType
GetStringTypeW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetProcessHeap
SetConsoleCtrlHandler
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW
WriteConsoleW
EncodePointer
RaiseException

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Eternity.cc V15/Fonts/Verdana.ttf
Eternity.cc V15/Fonts/astriumwep.ttf

Sharing

General

Malware Config

Signatures

Files

cc48d6177c294a2768b008cd980076b2

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

msvcp140

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Sections

.text Size: 473KB - Virtual size: 473KB

.rdata Size: 134KB - Virtual size: 133KB

.data Size: 37KB - Virtual size: 692KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 26KB - Virtual size: 25KB

01172b6824b53dc0290de5d851cce0b2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 473KB - Virtual size: 473KB

.rdata
Size: 134KB - Virtual size: 133KB

.data
Size: 37KB - Virtual size: 692KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 26KB - Virtual size: 25KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 8KB - Virtual size: 8KB