eternity | 368a4d20c002e3ac33066d6c20ceb83af485a613ac1507626df0162d8855ad1f | Triage

Submit
Reports

Overview

overview

Static

static

ggg.exe

windows7-x64

ggg.exe

windows10-2004-x64

Sharing

General

Target

ggg.exe
Size

904KB
Sample

231018-qq2mgaeh2v
MD5

8b6d6cc25f922c8148d77bc56539b064
SHA1

cb18c3002cf095a704ad32996b789b2ddbf64ca7
SHA256

368a4d20c002e3ac33066d6c20ceb83af485a613ac1507626df0162d8855ad1f
SHA512

c6f50ef0f29cb482d85f8442d0892c7899f4157ddc2970ac2910e5f71bdad882e25c5bc155020036b3309ecf0a75c2a536eb192ce37deff28adcb24bfb97f819
SSDEEP

12288:dTEYAsROAsrt/uxduo1jB0Y96qCNvB2eZJAl3PeWQIVoQSlcltwV0LwqS/SgekZR:dwT7rC6qEfaGzIJr60pvcR

Score

10^/10

eternity evasion stealer trojan

Static task

static1

stealer eternity

4 signatures

Behavioral task

behavioral1

Sample

ggg.exe

Resource

win7-20230831-en

eternity evasion stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ggg.exe

Resource

win10v2004-20230915-en

eternity evasion stealer trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  ggg.exe
- Size
  
  904KB
- MD5
  
  8b6d6cc25f922c8148d77bc56539b064
- SHA1
  
  cb18c3002cf095a704ad32996b789b2ddbf64ca7
- SHA256
  
  368a4d20c002e3ac33066d6c20ceb83af485a613ac1507626df0162d8855ad1f
- SHA512
  
  c6f50ef0f29cb482d85f8442d0892c7899f4157ddc2970ac2910e5f71bdad882e25c5bc155020036b3309ecf0a75c2a536eb192ce37deff28adcb24bfb97f819
- SSDEEP
  
  12288:dTEYAsROAsrt/uxduo1jB0Y96qCNvB2eZJAl3PeWQIVoQSlcltwV0LwqS/SgekZR:dwT7rC6qEfaGzIJr60pvcR
Score

10^/10

eternity evasion stealer trojan
- Contains code to disable Windows Defender
  A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Disables Task Manager via registry modification
  evasion
- Executes dropped EXE
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealereternity

behavioral1

eternityevasionstealertrojan

behavioral2

eternityevasionstealertrojan

© 2018-2025

Terms | Privacy