General
-
Target
Eternity.zip
-
Size
35.0MB
-
Sample
240125-dcdbhafagk
-
MD5
087e21b251a1567c10526376837a4bbc
-
SHA1
802ca49bfb4fa037608cc210344479e26c92a9fe
-
SHA256
a22b363a7dce6163c6338ece398265d8d166bc232466619c9a3e45f4530600b8
-
SHA512
733b9ba11aeb8d089665dc018bba0b6f9723b5a215a8fc77ac748bbf3af3dd77d114f984d821824d16d28a8be014bc781146e43d05e84fb23c9c1a033cb54424
-
SSDEEP
786432:yhUT6NDYZyaFEPdjHmHkxDrXDxgqiJ4B56ww6aGfk4:kUTqIydpmMDxgqiJ471w6aGfx
Behavioral task behavioral1: Sample Bunifu.dll; Resource win10-20231215-en
Behavioral task behavioral2: Sample DiscordRPC.dll; Resource win10-20231215-en
Behavioral task behavioral3: Sample ENet.Managed.dll; Resource win10-20231215-en
Behavioral task behavioral4: Sample Eternity.exe; Resource win10-20231215-en
Behavioral task behavioral5: Sample Newtonsoft.Json.dll; Resource win10-20231215-en
Behavioral task behavioral6: Sample System.Buffers.dll; Resource win10-20231215-en
Behavioral task behavioral7: Sample System.Memory.dll; Resource win10-20231220-en
Behavioral task behavioral8: Sample System.Numerics.Vectors.dll; Resource win10-20231215-en
Behavioral task behavioral9: Sample System.Runtime.CompilerServices.Unsafe.dll; Resource win10-20231215-en
Malware Config
Targets
-
-
Target
Bunifu.dll
-
Size
232KB
-
MD5
a956773892ea3bb538c4656475c35126
-
SHA1
e2cc84075cd18b96623fd29d529873f379e398c2
-
SHA256
d95d7cdb4a549a7f9a06c9059027bd90e926a15b21f118a59536ee9b5febb768
-
SHA512
d376b8700d2461e63c4da6fc0dedcc33aa44dca4766fa50fa2cc4475d8bb00fc919568967a2f3b250b8f40a3e45bf48421f3b7f35e081a55805683f3092645e7
-
SSDEEP
6144:wHZKhR7DDGGWH7qriB6V5XGLXHb4Hp9JH:wHZKhR7DDGGemriBw5XFHz
Score 1/10
-
-
Target
DiscordRPC.dll
-
Size
82KB
-
MD5
3956130e36754f184a0443c850f708f8
-
SHA1
4874cd51b0fa5652ed84e3b0c123bee05dcdffc8
-
SHA256
25c39f91f737d80040c72c9e3f95db0fece1c9653f501828adc16cfb1ec59d26
-
SHA512
157143dd69378e9914ddbb934229cfbc99ae7d80f4f787b7799fc254054d2c7b1e6f4551cddea30470e28b61309f858fcdb2d009b1c32953dfe5ea7fe78e9e48
-
SSDEEP
1536:RICqBkny2//yF9999999999dGxde6HYPM4Q+mRxpSNh:RNy2//yF9999999999dn6b4Q+mWh
Score 1/10
-
-
Target
ENet.Managed.dll
-
Size
827KB
-
MD5
816a81ac833687f237182ad574a4d6b2
-
SHA1
53f1ab89e3ceccf0293eeb0b86679e1cc0cc85aa
-
SHA256
8b75146db5dc7240ab1c3369aa424568a83bb73ae74eb8e8a79b7f440242daa7
-
SHA512
859f84b4fa1291fd094f31843ebb39f41c926d766d770b07df845c6c08686766166a9b15817f24cd160e659904d4d3865b4daf584400e77c72af3e815bd16378
-
SSDEEP
12288:uRqwhxzcEtaJzhp/tDLb3Oun7H0HLv3rJmZLcyKu7RTT6akCN7VcX:uxYFVDP5ALTMLp/t7kCVq
Score 1/10
-
-
Target
Eternity.exe
-
Size
40.8MB
-
MD5
40f0212fa97e2fe44ee0fbffae0c96b5
-
SHA1
e11664504e7b3ab905de8069e6fb5b1159aec002
-
SHA256
32d38e1eae86466254658d5a91a8bca983706b3aec35148012cb0a50f550a74f
-
SHA512
2eeebc345f202033762cfa1e5ae4a2b2f477dad7e7019e5aff7b3aff98d0a9ee7c2223a94dfb6cc1a6fd66eb0290adee3baa1fda8d99658253c005ca11f425f5
-
SSDEEP
786432:gHvsyBy7Mu30RSVRAaAeQc98NmhJQ8mZoJRWUmx2qmE:gUyCMrUVKa/bhJQ8mZorV+
-
Eternity: Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
-
Downloads MZ/PE file
-
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
-
-
Target
Newtonsoft.Json.dll
-
Size
695KB
-
MD5
195ffb7167db3219b217c4fd439eedd6
-
SHA1
1e76e6099570ede620b76ed47cf8d03a936d49f8
-
SHA256
e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
-
SHA512
56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
-
SSDEEP
12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score 1/10
-
-
Target
System.Buffers.dll
-
Size
20KB
-
MD5
a48936868abf91274def7231aa52dbb5
-
SHA1
f02fa5231536c0dd9cef9e84e609646b23d5d33c
-
SHA256
423200010a7684763451473a4fb206dfa074fc8249676621ef9d9a13417d364d
-
SHA512
c8fe3d1314794ae7071a647e328a46a30e6d96e574daa896fcebebf6bb51ce0af14e6cc63a0e1600a0e4adbc7aa18e97ee58581adccac23981c029ea782b5f9d
-
SSDEEP
384:ay/fjFwUI/KQyVvKdDhG6ISDFWvYW8aIcyHRN7WEg2ly0:auhMaVmzDC6b
Score 1/10
-
-
Target
System.Memory.dll
-
Size
138KB
-
MD5
f09441a1ee47fb3e6571a3a448e05baf
-
SHA1
3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde
-
SHA256
bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f
-
SHA512
0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6
-
SSDEEP
3072:nUGrszKKLB8a9DvrJeeesIf3amN32AW/rcyw/s:OB8l3/aK32qU
Score 1/10
-
-
Target
System.Numerics.Vectors.dll
-
Size
113KB
-
MD5
aaa2cbf14e06e9d3586d8a4ed455db33
-
SHA1
3d216458740ad5cb05bc5f7c3491cde44a1e5df0
-
SHA256
1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183
-
SHA512
0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8
-
SSDEEP
1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS
Score 1/10
-
-
Target
System.Runtime.CompilerServices.Unsafe.dll
-
Size
16KB
-
MD5
c4cfe03f75bc01969bc936c9c09baa12
-
SHA1
cb96ea48ee8aa9fe764d6f1ec30751001a0a646d
-
SHA256
a2d38a330df390cc739689369a36520fe491d3660d73974eb46b51608f50675b
-
SHA512
6db15403523b6c966d7aa6906cfc219a956f6c7a68c60774e9ed9f261df1a4d6731b92c59f3caafaeb345b853cd237fa163155b8b8e7825ba69a634878c929e2
-
SSDEEP
192:RMyaqO8cxdQWXYWJeaotWsI9A9GaHnhWgN7aJeWwgCWuXqnaju02aU:RTO9dQWXYW8aocyHRN7WEgSly0
Score 1/10