eternity | f7aef424b5ac320e0833c9cc9be68a491a39eff100fd14f01ebd5ae68db76b46 | Triage

Submit
Reports

Overview

overview

Static

static

Ransomware.exe

windows7-x64

Ransomware.exe

windows10-2004-x64

Sharing

General

Target

Ransomware.exe
Size

113KB
Sample

241010-c265fa1brq
MD5

9d6c2430dba01a6d51bcae957a6b73b2
SHA1

fb17425c5227ee3bcb975870a2320a3deab7df93
SHA256

f7aef424b5ac320e0833c9cc9be68a491a39eff100fd14f01ebd5ae68db76b46
SHA512

c81750ba6dee49d4612c39a57c9d89f7a494f21ec0a56daede51cfb0d58c5079fef6bdfb5722d432c6c73a2ba83edb4d369624ee235ed5ad9db0dbe4fc01e563
SSDEEP

3072:JdzpRExiXwVehVee336bkoeKyH/lFZji:J1pewqehVe+6bUT/lFZ

Score

10^/10

eternity defense_evasion discovery evasion execution impact ransomware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Ransomware.exe

Resource

win7-20240903-en

eternity defense_evasion discovery evasion execution impact ransomware

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

Ransomware.exe

Resource

win10v2004-20241007-en

eternity discovery evasion

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Ransomware.exe
- Size
  
  113KB
- MD5
  
  9d6c2430dba01a6d51bcae957a6b73b2
- SHA1
  
  fb17425c5227ee3bcb975870a2320a3deab7df93
- SHA256
  
  f7aef424b5ac320e0833c9cc9be68a491a39eff100fd14f01ebd5ae68db76b46
- SHA512
  
  c81750ba6dee49d4612c39a57c9d89f7a494f21ec0a56daede51cfb0d58c5079fef6bdfb5722d432c6c73a2ba83edb4d369624ee235ed5ad9db0dbe4fc01e563
- SSDEEP
  
  3072:JdzpRExiXwVehVee336bkoeKyH/lFZji:J1pewqehVe+6bUT/lFZ
Score

10^/10

eternity defense_evasion discovery evasion execution impact ransomware
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware defense_evasion impact execution
- Disables Task Manager via registry modification
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Windows Management Instrumentation

Persistence

Privilege Escalation

Defense Evasion

Direct Volume Access

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

eternitydefense_evasiondiscoveryevasionexecutionimpactransomware

behavioral2

eternitydiscoveryevasion

© 2018-2024

Terms | Privacy