General

  • Target

    SecuriteInfo.com.IL.Trojan.MSILZilla.23825.9321.21966.exe

  • Size

    336KB

  • Sample

    230112-w7sc1shb68

  • MD5

    998949f93086d10399e49f57279a329a

  • SHA1

    6a2b230010d590c7ca14362d1e2031acea2580a3

  • SHA256

    6f794b0ad47895b9d8a0d5285928531c71f79d5d8e1f05de266884fd6dab79f9

  • SHA512

    762c3a0476e4147c861658b5b98b6e53bb349f4d0e54b31af6b189b35f7cac371471ef14f5331bbba883ea3edeb0b467f175d3e6dca4952ab38c71c286c027fc

  • SSDEEP

    6144:2JJJwDeE91h2LPqLmR0ydZjHGCGYbjKbYYVj:2JJOeE+qE5r7GT0Y

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Targets

    • Target

      SecuriteInfo.com.IL.Trojan.MSILZilla.23825.9321.21966.exe

    • Size

      336KB

    • MD5

      998949f93086d10399e49f57279a329a

    • SHA1

      6a2b230010d590c7ca14362d1e2031acea2580a3

    • SHA256

      6f794b0ad47895b9d8a0d5285928531c71f79d5d8e1f05de266884fd6dab79f9

    • SHA512

      762c3a0476e4147c861658b5b98b6e53bb349f4d0e54b31af6b189b35f7cac371471ef14f5331bbba883ea3edeb0b467f175d3e6dca4952ab38c71c286c027fc

    • SSDEEP

      6144:2JJJwDeE91h2LPqLmR0ydZjHGCGYbjKbYYVj:2JJOeE+qE5r7GT0Y

    • Eternity

      Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens.

    • Accesses Microsoft Outlook profiles

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
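The behaviour signatures listed for this target can be reproduced over an API trace. The following Python is an added example, not part of the sandbox report and not the sandbox's own signature logic: it replays six of the flagged behaviours (geofence registry lookup, browser profile access, Outlook profile access, external IP lookup, executing a dropped EXE, loading a dropped DLL) over a constructed trace. The API names, registry paths, browser artefact names and IP-lookup hosts are assumptions chosen for illustration, and the trace itself is constructed, not captured from this sample.

```python
import re
from urllib.parse import urlparse

# Constructed sample trace (assumption: not taken from the report). Each record
# mimics a sandbox API-monitor event: process id, API name and its arguments.
SAMPLE_TRACE = [
    {"pid": 1234, "api": "RegQueryValueExW",
     "args": {"key": r"HKEY_CURRENT_USER\Control Panel\International\Geo", "value": "Nation"}},
    {"pid": 1234, "api": "NtCreateFile",
     "args": {"path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"}},
    {"pid": 1234, "api": "RegOpenKeyExW",
     "args": {"key": r"HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook"}},
    {"pid": 1234, "api": "InternetOpenUrlW", "args": {"url": "https://api.ipify.org/?format=text"}},
    {"pid": 1234, "api": "NtWriteFile", "args": {"path": r"C:\Users\victim\AppData\Local\Temp\stage2.exe"}},
    {"pid": 1234, "api": "NtWriteFile", "args": {"path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"}},
    {"pid": 1234, "api": "CreateProcessW", "args": {"path": r"C:\Users\victim\AppData\Local\Temp\stage2.exe"}},
    {"pid": 5678, "api": "LoadLibraryW", "args": {"path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"}},
    # Benign noise that must not trigger any signature:
    {"pid": 1234, "api": "LoadLibraryW", "args": {"path": r"C:\Windows\System32\kernel32.dll"}},
    {"pid": 1234, "api": "InternetOpenUrlW", "args": {"url": "https://www.microsoft.com/"}},
]

# Heuristics (assumed, illustrative): where the country code lives, which browser
# artefacts hold credentials, where Outlook profiles are stored, which public
# services return the caller's IP, and which APIs write, execute or load files.
GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo(\\Nation)?$", re.I)
BROWSER_PROFILE = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*\\(Login Data|Cookies|Web Data)$"
    r"|\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|cookies\.sqlite|key4\.db)$", re.I)
OUTLOOK_PROFILES = re.compile(
    r"\\Software\\Microsoft\\(Office\\\d+\.\d+\\Outlook|Windows NT\\CurrentVersion\\Windows Messaging Subsystem)\\Profiles",
    re.I)
IP_LOOKUP_HOSTS = {"api.ipify.org", "ifconfig.me", "icanhazip.com", "ip-api.com",
                   "checkip.amazonaws.com", "ipinfo.io"}
FILE_WRITE_APIS = {"NtWriteFile", "WriteFile"}
EXEC_APIS = {"CreateProcessW", "CreateProcessA", "ShellExecuteExW"}
LOAD_APIS = {"LoadLibraryW", "LoadLibraryA", "LoadLibraryExW", "LdrLoadDll"}


def evaluate(trace):
    """Return {signature name: [evidence strings]} for every signature the trace triggers."""
    hits = {}

    def hit(name, evidence):
        hits.setdefault(name, []).append(evidence)

    dropped = set()  # lower-cased paths written by any monitored process so far
    for ev in trace:
        api, args = ev["api"], ev["args"]
        key, path, url = args.get("key", ""), args.get("path", ""), args.get("url", "")

        if api.startswith("Reg") and GEO_KEY.search(key):
            hit("Checks computer location settings", f"{api} {key}\\{args.get('value', '')}".rstrip("\\"))
        if api.startswith("Reg") and OUTLOOK_PROFILES.search(key):
            hit("Accesses Microsoft Outlook profiles", f"{api} {key}")
        if path and BROWSER_PROFILE.search(path):
            hit("Reads user/profile data of web browsers", f"{api} {path}")
        if url and urlparse(url).hostname in IP_LOOKUP_HOSTS:
            hit("Looks up external IP address via web service", f"{api} {url}")

        # "Dropped" means the file was written earlier in this trace; the order of
        # events matters, so a write must precede the execute/load to count.
        if api in FILE_WRITE_APIS and path:
            dropped.add(path.lower())
        if api in EXEC_APIS and path.lower() in dropped:
            hit("Executes dropped EXE", f"{api} {path}")
        if api in LOAD_APIS and path.lower() in dropped:
            hit("Loads dropped DLL", f"{api} {path}")
    return hits


if __name__ == "__main__":
    for name, evidence in evaluate(SAMPLE_TRACE).items():
        print(name)
        for line in evidence:
            print("   ", line)
```

The "dropped" signatures are the interesting ones: they are stateful, so the same CreateProcessW call is benign when the target was already on disk and suspicious only when the monitored process wrote it first. The remaining flagged behaviour, abuse of legitimate hosting services, is not modelled here because the report gives no host or URL to match on.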
