Overview

overview

10

Static

static

10

5c1207273d...ec.exe

windows7-x64

10

5c1207273d...ec.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-01-2024 03:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5c1207273d347421e01531690820f8ec.exe

  • Size

    1.1MB

  • MD5

    5c1207273d347421e01531690820f8ec

  • SHA1

    6b42901dbe173ba67e4ea7c6a33c681015131677

  • SHA256

    b9dfb3ec5457015f6a52e92a4f23ef0b6cfcf081703c94b4fb8688b9d33cda09

  • SHA512

    3c06298e6b7873f20fcbe18fd5cc46db3234957c347d81c5b8b36e0bf3b33f8948e292503c764b5df656ba9293936c92dc51a5e75e7dcdf362006e8c6c115986

  • SSDEEP

    24576:uwT7rC6qREcZiTYHYnCoLjvv3CgUtcZi:3rC6qB4zLM

Score
10/10
eternitystealer

Malware Config

Signatures

  • Detects Eternity stealer 1 IoCs
    stealer
  • Eternity

    Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    eternity
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5c1207273d347421e01531690820f8ec.exe
    "C:\Users\Admin\AppData\Local\Temp\5c1207273d347421e01531690820f8ec.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1548-0-0x0000000000400000-0x0000000000504000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1548-1-0x00007FFCE32C0000-0x00007FFCE3D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1548-2-0x0000000002800000-0x0000000002850000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1548-3-0x0000000002850000-0x000000000288E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/1548-4-0x00007FFCE32C0000-0x00007FFCE3D81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1548-5-0x00000000026A0000-0x00000000026A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1548-6-0x00000000026D0000-0x00000000026E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1548-7-0x00000000026D0000-0x00000000026E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1548-8-0x000000001B420000-0x000000001B58A000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/1548-9-0x00007FFCE32C0000-0x00007FFCE3D81000-memory.dmp

    Filesize

    10.8MB

    Download