eternity | SecuriteInfo[.]com[.]IL[.]Trojan[.]MSILZilla[.]23825[.]9321[.]21966[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...66.exe

windows7-x64

SecuriteIn...66.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SecuriteInfo.com.IL.Trojan.MSILZilla.23825.9321.21966.exe

Resource

win7-20220812-en

eternity collection spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.IL.Trojan.MSILZilla.23825.9321.21966.exe

Resource

win10v2004-20220812-en

eternity collection spyware stealer

windows10-2004-x64

14 signatures

150 seconds

General

Target

SecuriteInfo.com.IL.Trojan.MSILZilla.23825.9321.21966.exe
Size

336KB
MD5

998949f93086d10399e49f57279a329a
SHA1

6a2b230010d590c7ca14362d1e2031acea2580a3
SHA256

6f794b0ad47895b9d8a0d5285928531c71f79d5d8e1f05de266884fd6dab79f9
SHA512

762c3a0476e4147c861658b5b98b6e53bb349f4d0e54b31af6b189b35f7cac371471ef14f5331bbba883ea3edeb0b467f175d3e6dca4952ab38c71c286c027fc
SSDEEP

6144:2JJJwDeE91h2LPqLmR0ydZjHGCGYbjKbYYVj:2JJOeE+qE5r7GT0Y

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

C2

http://eternityms33k74r7iuuxfda4sqsiei3o3lbtr5cpalf6f4skszpruad.onion

Signatures

Eternity family
eternity

Files

SecuriteInfo.com.IL.Trojan.MSILZilla.23825.9321.21966.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 333KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy