eternity | abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6 | Triage

Submit
Reports

Overview

overview

Static

static

abb89a1be7...b6.exe

windows7-x64

abb89a1be7...b6.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6.exe

Resource

win7-20220901-en

eternity collection spyware stealer

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6.exe

Resource

win10v2004-20220812-en

eternity collection spyware stealer

windows10-2004-x64

14 signatures

150 seconds

General

Target

abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6
Size

334KB
MD5

677830c653b813525943da3ccc7c9a37
SHA1

cc7c92c2b1c08bd182629cfd42455fee969606b7
SHA256

abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6
SHA512

0ab932e0535e6471357f664c53077090920b6a0cba03b65f1e63528666bf96c0436810175d58463092586ec39a24b1747f2b7805640d9145e1260efe21dc7708
SSDEEP

6144:nOaF+lSuzISz4aNcr1wAmbnwAmocsiftW7Ywbdtkjl5A:nOaolS0Z8kn3ULYYA+

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

C2

http://rlcjba7wduej3xcstcjo577eqgjsjvcjfsw4i23fqvf2y27ylylhmhad.onion

Signatures

Eternity family
eternity

Files

abb89a1be78f7a6914a636fb8106585487ad82dfc2226d183a7a4cf2e66b18b6
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy