Overview

overview

10

Static

static

10

4433d5485f...cc.exe

windows7-x64

10

4433d5485f...cc.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/01/2024, 19:03

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4433d5485fca17b6fcc0c0e3bd5da5cc.exe

  • Size

    886KB

  • MD5

    4433d5485fca17b6fcc0c0e3bd5da5cc

  • SHA1

    117709a70d73623094d9439e1737a643845f3671

  • SHA256

    2ea99244c02351022b99596d4cef769b1ac920b674abd08b268f66a6e171bd8d

  • SHA512

    6fdb122f5b5f51da4790a844c7f4d78538ca48a69dfa73ea22dd39de5bffecc42148d48a35015a72eac185f309d1044a53db589e5080d719640ab8f43a3e9e5e

  • SSDEEP

    12288:MTEYAsROAsrt/uxduo1jB0Y96qRTJzB4htv8/YgU9D4uUDafWGy8CLrHe3o:MwT7rC6qRTJzyht7ny8fAHgo

Score
10/10
eternitystealer

Malware Config

Signatures

  • Detects Eternity stealer 1 IoCs
    stealer
  • Eternity

    Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    eternity
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4433d5485fca17b6fcc0c0e3bd5da5cc.exe
    "C:\Users\Admin\AppData\Local\Temp\4433d5485fca17b6fcc0c0e3bd5da5cc.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2544-0-0x0000000000350000-0x0000000000436000-memory.dmp

    Filesize

    920KB

    Download

  • memory/2544-1-0x00007FF860540000-0x00007FF861001000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2544-2-0x0000000000C40000-0x0000000000C90000-memory.dmp

    Filesize

    320KB

    Download

  • memory/2544-3-0x0000000000AD0000-0x0000000000AD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2544-4-0x0000000000AD0000-0x0000000000AD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2544-7-0x0000000002650000-0x000000000268E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2544-9-0x000000001B180000-0x000000001B190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2544-8-0x000000001B180000-0x000000001B190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2544-6-0x000000001B180000-0x000000001B190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2544-5-0x0000000000AD0000-0x0000000000AD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2544-10-0x00007FF860540000-0x00007FF861001000-memory.dmp

    Filesize

    10.8MB

    Download