eternity | 7021d3394cf49d1425d08e97e5b7a92c505bad9c5d7185b6a329b9ac0bcc347e | Triage

Sharing

General

Target

cracked_ajproxy_v12.6.exe
Size

1.6MB
Sample

240226-k87njsad5x
MD5

81b8a06332544fc839b5b4d823637fd2
SHA1

b65a8b859b40881642e3be0e12450a48372df8c2
SHA256

7021d3394cf49d1425d08e97e5b7a92c505bad9c5d7185b6a329b9ac0bcc347e
SHA512

298eafba0045cf880899b204f9d24acd0615bdec71722ba59d14d9636f035078b1bbd9af1b6422c2074057bdac65852fb97d31510e10edb012fae4b00de9f59d
SSDEEP

24576:AAyH9t5/YZnpa1gPLrUtTi8VOhF2i+3gN6vyptsaZq5ilgmoW3lH1oWA+8LAoy7:MHKZnggMgnhFZ6vynoC3NuX+8L2

Score

10^/10

eternity persistence stealer

Malware Config

Targets

- Target
  
  cracked_ajproxy_v12.6.exe
- Size
  
  1.6MB
- MD5
  
  81b8a06332544fc839b5b4d823637fd2
- SHA1
  
  b65a8b859b40881642e3be0e12450a48372df8c2
- SHA256
  
  7021d3394cf49d1425d08e97e5b7a92c505bad9c5d7185b6a329b9ac0bcc347e
- SHA512
  
  298eafba0045cf880899b204f9d24acd0615bdec71722ba59d14d9636f035078b1bbd9af1b6422c2074057bdac65852fb97d31510e10edb012fae4b00de9f59d
- SSDEEP
  
  24576:AAyH9t5/YZnpa1gPLrUtTi8VOhF2i+3gN6vyptsaZq5ilgmoW3lH1oWA+8LAoy7:MHKZnggMgnhFZ6vynoC3NuX+8L2
Score

10^/10

eternity persistence stealer
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Drops startup file
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

eternitypersistencestealer