eternity | 5bfe66342387fa1fa6139135493b3e90cfc0cd9a4df4f381c939794f63c75eb4 | Triage

Sharing

General

Target

Project Eternity.rar
Size

1.3MB
Sample

240520-qfepysce9t
MD5

d9edeb080be5aa71322e0cf80cbd7c8b
SHA1

6e302f5d10265a775330f163ba776a2fa2b8d24f
SHA256

5bfe66342387fa1fa6139135493b3e90cfc0cd9a4df4f381c939794f63c75eb4
SHA512

225b4a99e9685d636810a772469085420aae0c1e19dbbcb405bc164073c1d3956a9a23ab016f6a85956e6848467efbf5a4a5544efc1481f00bb82e6ea977385c
SSDEEP

24576:OhOFq7qAmJ9Wr/2lHLWoTIZ/lmXLfnYHDJBUucqf4lQMtjSbV:OwFwqAmJ9melioTIZwLWNVf4HcV

Score

10^/10

eternity spyware stealer

Malware Config

Targets

- Target
  
  Project Eternity.rar
- Size
  
  1.3MB
- MD5
  
  d9edeb080be5aa71322e0cf80cbd7c8b
- SHA1
  
  6e302f5d10265a775330f163ba776a2fa2b8d24f
- SHA256
  
  5bfe66342387fa1fa6139135493b3e90cfc0cd9a4df4f381c939794f63c75eb4
- SHA512
  
  225b4a99e9685d636810a772469085420aae0c1e19dbbcb405bc164073c1d3956a9a23ab016f6a85956e6848467efbf5a4a5544efc1481f00bb82e6ea977385c
- SSDEEP
  
  24576:OhOFq7qAmJ9Wr/2lHLWoTIZ/lmXLfnYHDJBUucqf4lQMtjSbV:OwFwqAmJ9melioTIZwLWNVf4HcV
Score

10^/10

eternity spyware stealer
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Drops startup file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  Project Eternity/Bunifu.dll
- Size
  
  232KB
- MD5
  
  a956773892ea3bb538c4656475c35126
- SHA1
  
  e2cc84075cd18b96623fd29d529873f379e398c2
- SHA256
  
  d95d7cdb4a549a7f9a06c9059027bd90e926a15b21f118a59536ee9b5febb768
- SHA512
  
  d376b8700d2461e63c4da6fc0dedcc33aa44dca4766fa50fa2cc4475d8bb00fc919568967a2f3b250b8f40a3e45bf48421f3b7f35e081a55805683f3092645e7
- SSDEEP
  
  6144:wHZKhR7DDGGWH7qriB6V5XGLXHb4Hp9JH:wHZKhR7DDGGemriBw5XFHz
Score

1^/10
behavioral3 behavioral4
- Target
  
  Project Eternity/ENet.Managed.dll
- Size
  
  827KB
- MD5
  
  816a81ac833687f237182ad574a4d6b2
- SHA1
  
  53f1ab89e3ceccf0293eeb0b86679e1cc0cc85aa
- SHA256
  
  8b75146db5dc7240ab1c3369aa424568a83bb73ae74eb8e8a79b7f440242daa7
- SHA512
  
  859f84b4fa1291fd094f31843ebb39f41c926d766d770b07df845c6c08686766166a9b15817f24cd160e659904d4d3865b4daf584400e77c72af3e815bd16378
- SSDEEP
  
  12288:uRqwhxzcEtaJzhp/tDLb3Oun7H0HLv3rJmZLcyKu7RTT6akCN7VcX:uxYFVDP5ALTMLp/t7kCVq
Score

1^/10
behavioral5 behavioral6
- Target
  
  Project Eternity/Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  195ffb7167db3219b217c4fd439eedd6
- SHA1
  
  1e76e6099570ede620b76ed47cf8d03a936d49f8
- SHA256
  
  e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
- SHA512
  
  56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
- SSDEEP
  
  12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score

1^/10
behavioral7 behavioral8
- Target
  
  Project Eternity/Project Eternity.exe
- Size
  
  1.4MB
- MD5
  
  50074d499bbbd1dc6ba6e2618a9d9e30
- SHA1
  
  1cd7353ae61ddbb72b299348eb9c86429ded90ab
- SHA256
  
  4ec78f05f11b92bb149115551e9d592e4d30274f87bb93fe9ab68ab5fe4c908c
- SHA512
  
  0e02722743aeb8b4c1adb9f14d47067854c015cd2828f01885deb70f6a3c64fab859db29374f8cc09bf5a3059ed21b5c63f1355c781e1aca654dce907d13a8af
- SSDEEP
  
  24576:vwT7rC6q91oQzaXC/4eNVUO5dZYBLAm9h0Eo:2rC6qnWavNYl/D0
Score

10^/10

eternity spyware stealer
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Drops startup file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral10 behavioral9
- Target
  
  Project Eternity/System.Buffers.dll
- Size
  
  20KB
- MD5
  
  a48936868abf91274def7231aa52dbb5
- SHA1
  
  f02fa5231536c0dd9cef9e84e609646b23d5d33c
- SHA256
  
  423200010a7684763451473a4fb206dfa074fc8249676621ef9d9a13417d364d
- SHA512
  
  c8fe3d1314794ae7071a647e328a46a30e6d96e574daa896fcebebf6bb51ce0af14e6cc63a0e1600a0e4adbc7aa18e97ee58581adccac23981c029ea782b5f9d
- SSDEEP
  
  384:ay/fjFwUI/KQyVvKdDhG6ISDFWvYW8aIcyHRN7WEg2ly0:auhMaVmzDC6b
Score

1^/10
behavioral11 behavioral12
- Target
  
  Project Eternity/System.Memory.dll
- Size
  
  138KB
- MD5
  
  f09441a1ee47fb3e6571a3a448e05baf
- SHA1
  
  3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde
- SHA256
  
  bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f
- SHA512
  
  0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6
- SSDEEP
  
  3072:nUGrszKKLB8a9DvrJeeesIf3amN32AW/rcyw/s:OB8l3/aK32qU
Score

1^/10
behavioral13 behavioral14
- Target
  
  Project Eternity/System.Numerics.Vectors.dll
- Size
  
  113KB
- MD5
  
  aaa2cbf14e06e9d3586d8a4ed455db33
- SHA1
  
  3d216458740ad5cb05bc5f7c3491cde44a1e5df0
- SHA256
  
  1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183
- SHA512
  
  0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8
- SSDEEP
  
  1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS
Score

1^/10
behavioral15 behavioral16
- Target
  
  Project Eternity/System.Runtime.CompilerServices.Unsafe.dll
- Size
  
  16KB
- MD5
  
  c4cfe03f75bc01969bc936c9c09baa12
- SHA1
  
  cb96ea48ee8aa9fe764d6f1ec30751001a0a646d
- SHA256
  
  a2d38a330df390cc739689369a36520fe491d3660d73974eb46b51608f50675b
- SHA512
  
  6db15403523b6c966d7aa6906cfc219a956f6c7a68c60774e9ed9f261df1a4d6731b92c59f3caafaeb345b853cd237fa163155b8b8e7825ba69a634878c929e2
- SSDEEP
  
  192:RMyaqO8cxdQWXYWJeaotWsI9A9GaHnhWgN7aJeWwgCWuXqnaju02aU:RTO9dQWXYW8aocyHRN7WEgSly0
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

stealereternity

behavioral1

eternityspywarestealer

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

eternityspywarestealer

behavioral10

eternityspywarestealer

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18