eternity | 45d58041f3aacdf2d3536c39e1db81e23e30c6372ca2bd3be8b2675d472b5d44 | Triage

Submit
Reports

Overview

overview

Static

static

2_stealer.exe

windows7-x64

2_stealer.exe

windows10-2004-x64

Sharing

General

Target

2_stealer
Size

226KB
Sample

231025-dz113seg2t
MD5

a09c37144ca538b0bc4499bf59c691f1
SHA1

eb997ac06e1cf56add73e5e4eed3c10a297d4bd5
SHA256

45d58041f3aacdf2d3536c39e1db81e23e30c6372ca2bd3be8b2675d472b5d44
SHA512

b449997aa327b281ceade8f11a14bdf1e197fb86e7dffbcfcb3d59c09532108c317f437320b267818e2919c06da21d31db4b6dca745470f7a1ed4f37455afebf
SSDEEP

3072:NMU8dW6hNmf/ft5OPQFFlNqgAJcxoNF+rSoJdjayW+RCD9KrbLQ5inPCCb7bv/h1:NMPcnTMkFzqylSofjamrbLB/WEO5

Score

10^/10

eternity jester monika_galager collection spyware stealer

Static task

static1

stealer monika_galager eternity jester

4 signatures

Behavioral task

behavioral1

Sample

2_stealer.exe

Resource

win7-20231023-en

eternity jester monika_galager collection spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2_stealer.exe

Resource

win10v2004-20231023-en

eternity jester monika_galager collection spyware stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

jester

Botnet

monika_galager

C2

http://jesterdcuxzbey4xvlwwheoecpltru5be2mzuk4w7a7nrhckdjjhrbyd.onion/report/monika_galager

https://api.anonfiles.com/upload?token=d26d620842507144

Mutex

c6b4a73b-035e-4027-8c9d-f30fcd7f128e

Attributes

license_key
2389157FE6BD3ADCBC3E0EAEF2136325

Targets

- Target
  
  2_stealer
- Size
  
  226KB
- MD5
  
  a09c37144ca538b0bc4499bf59c691f1
- SHA1
  
  eb997ac06e1cf56add73e5e4eed3c10a297d4bd5
- SHA256
  
  45d58041f3aacdf2d3536c39e1db81e23e30c6372ca2bd3be8b2675d472b5d44
- SHA512
  
  b449997aa327b281ceade8f11a14bdf1e197fb86e7dffbcfcb3d59c09532108c317f437320b267818e2919c06da21d31db4b6dca745470f7a1ed4f37455afebf
- SSDEEP
  
  3072:NMU8dW6hNmf/ft5OPQFFlNqgAJcxoNF+rSoJdjayW+RCD9KrbLQ5inPCCb7bv/h1:NMPcnTMkFzqylSofjamrbLB/WEO5
Score

10^/10

eternity jester monika_galager collection spyware stealer
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Jester
  Jester is an information stealer malware written in C#.
  stealer jester
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealermonika_galagereternityjester

behavioral1

eternityjestermonika_galagercollectionspywarestealer

behavioral2

eternityjestermonika_galagercollectionspywarestealer

© 2018-2024

Terms | Privacy