eternity | sample1_pw_infected[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sample1_pw_infected.zip
Size

298KB
MD5

f33917c1fb170aafafc87e251cc74ef5
SHA1

dfb633a3717ca91b7de9d0056a54926daa6326cf
SHA256

9d0b5cf34263312fbaf1d82f02e53e1565c4c704fd02dca76b9f2cecd7b329d9
SHA512

a1cc03b2eb5fba81e6f31ce07983ee10f6a1a69c24a4123ad5b5a9741a41a728123ca59fd673f19a16def56bd88d553bd60ae66243152d7d05fcf09721feea46
SSDEEP

6144:zuelKwOsEGnoRJTe+jeEZjxN2v6I7oH2TzqBiK7z5jmtL4YmW8PNad:zuS2GnKjtOKWTzqBT5jmh4YuPa

Score

10^/10

stealer eternity

Malware Config

Signatures

Detects Eternity stealer 1 IoCs

resource	yara_rule
static1/unpack001/86a5031c61d87baacc955ed6a7b295357c8d5e8e5058903d0f55565730462b34	eternity_stealer

Eternity family
eternity

Files

sample1_pw_infected.zip
.zip

Password: infected
86a5031c61d87baacc955ed6a7b295357c8d5e8e5058903d0f55565730462b34
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 635KB - Virtual size: 635KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ