General

  • Target

    Corefarm.exe

  • Size

    887KB

  • Sample

    240802-r8h4hsyckn

  • MD5

    1a52afc51a7342a3712890ff4686a421

  • SHA1

    bf1d860bc8177c7737e74f1fc7026997b5c38322

  • SHA256

    e9bef956a5fb946aa7b46c67c2f04cbdbf68e45b99cbb43b1254400a7a2347a0

  • SHA512

    74e5167aecabb8c8aa874c6675abfca0c154f7d3ee17a7ea30019b5880d21e3ec945483584685d3ca4143186ac195c3ac15d3a9247ad272ba5738753f6219f83

  • SSDEEP

    12288:2TEYAsROAsrt/uxduo1jB0Y96qgcFJKlJejrnChb/7HYJnLPdyBoUl++6p6aN+lu:2wT7rC6qpFJKl8uhHmSoUl+IlH

Targets

    • Detects Eternity stealer

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
