eternity | bf398fa2d713269ad16397c292143f6067f3884d7f6e68268066fb034bd7a002 | Triage

Sharing

General

Target

Eternity.rar
Size

570KB
Sample

240129-nw9txshba4
MD5

a7e25ff0a7bf320f794638ae0a62393d
SHA1

d2a92af9ad15ad8bd3e6583ff84f95ea98a8cd2c
SHA256

bf398fa2d713269ad16397c292143f6067f3884d7f6e68268066fb034bd7a002
SHA512

b81d7729cd35ceec0c82075ea2189f5d07aeb0b7aceb2f7930405f79a3e81e6688028770c3d2b54e7eeee488a75abdb2cb3168eb962171391cc48df2e43de9e7
SSDEEP

12288:lAsNte7WwGsJwHQTOZcvyfsgo+sH1ZlDb2bYbHhthCtZZkjNkcsAyp:5raWw6HbUpg9Q1728bhjgZ+N5sN

Score

10^/10

eternity spyware stealer

Malware Config

Targets

- Target
  
  Bunifu.dll
- Size
  
  252KB
- MD5
  
  073ba9ab820c067e4cb8700bec487965
- SHA1
  
  a8f76bc3751c1422471d76950b5ca12842d4b48c
- SHA256
  
  029f1896e70cece63aa996c6cb64bfd8dffaffa103c40d2ea8e5c727f92f38d2
- SHA512
  
  ff3ef7d154f1dd489b0d2ef05f190e7002267c825d10299da71af2d84d4be6f1234182c33d7e5aa73d842a53b1ff42cc22048ffac6b49193f75701b5b182812d
- SSDEEP
  
  3072:10X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0X0Xb:o
Score

1^/10
behavioral1 behavioral2
- Target
  
  DiscordRPC.dll
- Size
  
  97KB
- MD5
  
  d49f0d68a9430666635279cc988235f6
- SHA1
  
  07832e5ea683e5b8574a77b3e5db866956cb132c
- SHA256
  
  77e9475b6a17930fc44f6f573fe6096ca07bbc006079002760554e05afe5e0b0
- SHA512
  
  c0125469ed165e692bb48e6994088e5889e4222401e94ba4381f3725d908f8a219bdf957382ffea18d8681de4f57ce7fb754ed1dee611c290cf3f301e0ce7c8a
- SSDEEP
  
  1536:W1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J1J6:P
Score

1^/10
behavioral3 behavioral4
- Target
  
  ENet.Managed.dll
- Size
  
  266KB
- MD5
  
  022f8eb37dc331134d7862a448beb036
- SHA1
  
  ed17554792617a133c34b3c56f3dc9080361119a
- SHA256
  
  e4c8537c6948d9cc49efadde1bba6e8a28745917f702d828d2477a70c496e647
- SHA512
  
  246296798feba88a424feee0f432951c0f74b799121f8225c77f72a02c2035d2c07aaee0ee9a7ae3c04e4c9d43c11319d7014078d8ec89135a48aeb75fb9d625
- SSDEEP
  
  3072:lEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE:X
Score

1^/10
behavioral5 behavioral6
- Target
  
  Eternity.exe
- Size
  
  1.3MB
- MD5
  
  ef451fd641c05a1a83e2be29a405b4dd
- SHA1
  
  f4572606224ac0e8d1e6bf3daabbc6b794d81be9
- SHA256
  
  6b02571572867398bea14e8c7bb83a4a1ba79b42d9cfac884957786ebd06fba4
- SHA512
  
  0e15e95f17616a19ceed8e4da5c5da738ca8971009782fc39644710621ce41e8c6503a74cd8c6351250dc2e6ee8052d381f21482ce15954f5bfd47792e5335e1
- SSDEEP
  
  12288:iTEYAsROAsrt/uxduo1jB0Y96qGCirtbb+ZlKm9fn7sKVoFYhakR37hwHPPKv5N0:iwT7rC6qDIESmlFw6eMrI
Score

10^/10

eternity spyware stealer
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Drops startup file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral7 behavioral8
- Target
  
  Newtonsoft.Json.dll
- Size
  
  618KB
- MD5
  
  c7f8fcb79c5c2d1323831ef995e28960
- SHA1
  
  d22de1db785c02c9ca31b01e2dca866007a1cda7
- SHA256
  
  2ee9c1d11cc776a271328bf3ad7715f143343eccb40d45f7841b32cfdf24453c
- SHA512
  
  71da9b6b3896a37cb46b6f0e0497c6f3e7be64010e1e85860d31713931366b2a2cc33b95ace198b02922e6a7ff1cc6811c616703b8814d9c5aa6d4977bfdf029
- SSDEEP
  
  1536:2xWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWQxWH:j
Score

1^/10
behavioral10 behavioral9
- Target
  
  System.Buffers.dll
- Size
  
  94KB
- MD5
  
  7cf01184e03884f4c4f290854d592aa7
- SHA1
  
  0ed0d6563799f016de3765523ca903b942c46d98
- SHA256
  
  b7eff4f364f88d99645c16ff77bbd75a4579d93b9faddb4ff811bf2b50a258d4
- SHA512
  
  4236e26f28059102a3352eb6d3be0a5f440fc4d80598839d8389f0372570c548397673b9569f99e12a325a805a5d4e545ddc614bf792c945cc6e235e966dd23e
- SSDEEP
  
  1536:xp6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6p6F:u
Score

1^/10
behavioral11 behavioral12
- Target
  
  System.Memory.dll
- Size
  
  981KB
- MD5
  
  f4d8e75d7b5cf067b7637498fe6977b2
- SHA1
  
  f36e9894d440bb87045eac00f2f10a1176f6b7b4
- SHA256
  
  108eb8f096d34d6d0aab2aa8b8259796e7904e6854fb7ad16df64a6aa2f0155c
- SHA512
  
  8f865b4242716fc807c27870fbe66e8ea75c6670f70cab4548cc2ad34e1b85722806fa5346545ceef14ff6e1b4b6c17fadf5b3b374687f4e94e190edcf1e8b34
- SSDEEP
  
  3072:dXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXt:n
Score

1^/10
behavioral13 behavioral14
- Target
  
  System.Numeric.Vectors.dll
- Size
  
  194KB
- MD5
  
  a8789ceb5867155ebf5dd8877d3a4308
- SHA1
  
  3216391a111cce6211e10796b541dab5d583cec0
- SHA256
  
  02b4c370c2f1c461f97d1e11e582474c02b8c2f1bd36822ab7c952f79ca299ad
- SHA512
  
  ed31efea073bb915de31d148952e02428fa2f09edff6b71296e0490a33f4533dd0473803690019dc14fd854ade632b2092aefd7d4a52bb4e44d786c17bd1a9e6
- SSDEEP
  
  6144:nyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy4:nyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyO
Score

1^/10
behavioral15 behavioral16
- Target
  
  System.Runtime.ComplierServices.Unsafe.dll
- Size
  
  127KB
- MD5
  
  b5eb8cf24be43029ab6fff36c8dc6cca
- SHA1
  
  e096c2f2c91478e39c6909f3e096081845479cde
- SHA256
  
  101ecd36b6387d7b52c6e6b7e19350d14bf81c5cac27cd54c0b7ed166b7416bc
- SHA512
  
  eef78d138de394ce1f19f4537c87937919192bd94dd0ea7664c59d31f6e861b80ddd1c358d8377ed26fdb4de3a5bed7fd4fc957f257a68d45a3748caf320d764
- SSDEEP
  
  1536:slyOG/gXslyOG/gXslyOG/gXslyOG/gXslyOG/gXslyOG/gXslyOG/gXslyOG/gT:slulululululululululB
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

stealereternity

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

eternityspywarestealer

behavioral8

eternityspywarestealer

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18