Extracted

• • Target

    ea6f96421da7245fd625a79ba2c79a05ea2eda15f2773a8cc7fc9ad06147eeb3

  • Size

    536KB

  • MD5

    18a27fa66dcea46ad4a0d38b9a53d9d6

  • SHA1

    0d77f64f1b9847ca3852cef175f37f52a365b1ff

  • SHA256

    ea6f96421da7245fd625a79ba2c79a05ea2eda15f2773a8cc7fc9ad06147eeb3

  • SHA512

    42b3427e6d6aa004abb8cbdd11747718c2bf13d26f2acce9c4a48b0e3166e5a5d7d8352cb1d75ab2439f3a6555cf2bac99e00c146c7eb9fb3ff0184e4948e882

  • SSDEEP

    12288:OTuNInqxrlFZer+UK8QMESC2g+hEm/hcPXOabE5q4W50:OTd4rlStMSC2g+hEmC2aA5/t

  Score

  10^/10

  eternitycollection

  • Eternity

    Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    eternity

  • Uses the VBS compiler for execution

  • Accesses Microsoft Outlook profiles

    collection

  • Legitimate hosting services abused for malware hosting/C2

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2behavioral3behavioral4behavioral5