Overview

overview

10

Static

static

10

CID Creato...v4.exe

windows7-x64

10

CID Creato...v4.exe

windows10-2004-x64

10

CID Creato...ry.dll

windows7-x64

1

CID Creato...ry.dll

windows10-2004-x64

1

CID Creato...gn.dll

windows7-x64

1

CID Creato...gn.dll

windows10-2004-x64

1

CID Creato...rk.dll

windows7-x64

1

CID Creato...rk.dll

windows10-2004-x64

1

CID Creato...rd.dll

windows7-x64

1

CID Creato...rd.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-07-2024 11:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CID Creator v4/CID Creator v4.exe

  • Size

    887KB

  • MD5

    597144fc2c2ae9120504a43acd8ce132

  • SHA1

    2ef994d2ef44f7c7e436702ef2887980c6d0b3a0

  • SHA256

    1009114a68417ee36692f95cbada8e43800093626e30c30eef0a64f3bbcab71f

  • SHA512

    8ed51d26e8790f19a552e8bc63de9bc17182d0262faf3727aac1ac4259709c4ca0ed693dd39b53c450d4aaefc3ee4cc82e69c77de958225c7cf5c51080701187

  • SSDEEP

    12288:1TEYAsROAsrt/uxduo1jB0Y96qkK2QKy9hes7fKDF/c+zZeaySBcwkHv:1wT7rC6qGQKyCs7fKDC+QXKRkHv

Score
10/10
eternitystealer

Malware Config

Signatures

  • Detects Eternity stealer 1 IoCs
    stealer
  • Eternity

    Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    eternity
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CID Creator v4\CID Creator v4.exe
    "C:\Users\Admin\AppData\Local\Temp\CID Creator v4\CID Creator v4.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4428

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4428-0-0x00007FFDB7283000-0x00007FFDB7285000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4428-1-0x00000000002F0000-0x00000000003D6000-memory.dmp

    Filesize

    920KB

    Download

  • memory/4428-2-0x000000001AF40000-0x000000001AF90000-memory.dmp

    Filesize

    320KB

    Download

  • memory/4428-3-0x000000001AEF0000-0x000000001AF2E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4428-4-0x00007FFDB7280000-0x00007FFDB7D41000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4428-5-0x00007FFDB7280000-0x00007FFDB7D41000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4428-6-0x00007FFDB7283000-0x00007FFDB7285000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4428-7-0x00007FFDB7280000-0x00007FFDB7D41000-memory.dmp

    Filesize

    10.8MB

    Download