General

  • Target

    Eternity Worm - 09.11.2022.zip

  • Size

    1.2MB

  • MD5

    a68f97544c9b41270008b8bf68992a75

  • SHA1

    a1ccc56eca977792cf7a751dff4ebf1f8afe8591

  • SHA256

    eae2bbca8b001849a03bad0b21d9e876c1931685ce37876e08a9dc77e022bfad

  • SHA512

    9bb6e21c98dada07b3c0d0c7f6addaf9d043441282fc5df4c5f348fffac047e5e662ef92a9f9df617cab79e1abbbb8648a4a3a32c1f2044aebf278fcdbdf68b3

  • SSDEEP

    24576:BnmwNxqyJyiBUlPG+yrdek3XI3xV8N2chJN2O8P9XrYRKx9BrcH6Nizl+lBB/ZmI:BFT/yowuHd0xo146MBu6NiGn/py6ey

Score
10/10

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Attributes
  • payload_urls

    https://raroford3242.xyz/myupdate.exe

    https://raroford3242.xyz/Sklmsstregens.vbs, https://raroford3242.xyz/remcexecrypt.exe, https://raroford3242.xyz/redlcryp.exe, https://raroford3242.xyz/racoocry.exe


Signatures

  • Eternity family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Eternity Worm - 09.11.2022.zip
    .zip

    Password: infected

  • Worm (1).exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

