eternity | 6bec7f62ef26d60a983b02bd2e9cac78608df3481f301b0d1e8e36be23cd1522 | Triage

Submit
Reports

Overview

overview

Static

static

Silviozas Proxy.exe

windows7-x64

Silviozas Proxy.exe

windows10-2004-x64

Sharing

General

Target

Silviozas Proxy.exe
Size

903KB
Sample

240328-nstzasbe5t
MD5

d6a38a9a0b7eb11945a25a72dbd398de
SHA1

29d340ff3b9f6866cf18c741326fb47dd3c496c8
SHA256

6bec7f62ef26d60a983b02bd2e9cac78608df3481f301b0d1e8e36be23cd1522
SHA512

5eb4eac3e569f92f0e23666cfae4a5ee73972b072cb0d81b898138eea76ad64fdbc64b77a8b4b99c234d504bdf3c9baea5dde32069c57d1065cce77b482704bf
SSDEEP

12288:OTEYAsROAsrt/uxduo1jB0Y96qwKxkNaYaBPbDb9xOTeFYvVHMPONEtn:OwT7rC6qwKx73brOTeFEVHtNq

Score

10^/10

eternity evasion stealer trojan

Static task

static1

stealer eternity

4 signatures

Behavioral task

behavioral1

Sample

Silviozas Proxy.exe

Resource

win7-20240220-en

eternity evasion stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

Silviozas Proxy.exe

Resource

win10v2004-20240226-en

eternity evasion stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Silviozas Proxy.exe
- Size
  
  903KB
- MD5
  
  d6a38a9a0b7eb11945a25a72dbd398de
- SHA1
  
  29d340ff3b9f6866cf18c741326fb47dd3c496c8
- SHA256
  
  6bec7f62ef26d60a983b02bd2e9cac78608df3481f301b0d1e8e36be23cd1522
- SHA512
  
  5eb4eac3e569f92f0e23666cfae4a5ee73972b072cb0d81b898138eea76ad64fdbc64b77a8b4b99c234d504bdf3c9baea5dde32069c57d1065cce77b482704bf
- SSDEEP
  
  12288:OTEYAsROAsrt/uxduo1jB0Y96qwKxkNaYaBPbDb9xOTeFYvVHMPONEtn:OwT7rC6qwKx73brOTeFEVHtNq
Score

10^/10

eternity evasion stealer trojan
- Contains code to disable Windows Defender
  A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Drops startup file
- Executes dropped EXE
- Windows security modification
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealereternity

behavioral1

eternityevasionstealertrojan

behavioral2

eternityevasionstealertrojan

© 2018-2025

Terms | Privacy