eternity | ec404dcd1803afcd25cdeccdcea7078204e2a63789c2e02eb721bdfa94b20c98 | Triage

Submit
Reports

Overview

overview

Static

static

1

hmKBg8jjXR.html

windows7-x64

3

hmKBg8jjXR.html

windows10-2004-x64

Sharing

General

Target

hmKBg8jjXR
Size

10KB
Sample

241201-f8ns8axpg1
MD5

b3b36dbf184e4e73bc1939036af7b3d3
SHA1

1606269a3caa2251e90b81faa688619745d22d94
SHA256

ec404dcd1803afcd25cdeccdcea7078204e2a63789c2e02eb721bdfa94b20c98
SHA512

88c3994a80a5cbced62f9d01092f34bbced9e7c6f4959158569465227b38521942bce45333b5c80a25f82439b1c239f875cf730fdb9b129e0684373271aa1ea1
SSDEEP

96:AKQf4iKKwOfRrcLHLYRe5mvtgCsXe5oE9Anx/IJ:BQAkRrcLnoVNanx/0

Score

10^/10

eternity discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

hmKBg8jjXR.html

Resource

win7-20240903-en

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

hmKBg8jjXR.html

Resource

win10v2004-20241007-en

eternity discovery spyware stealer

windows10-2004-x64

21 signatures

300 seconds

Malware Config

Targets

- Target
  
  hmKBg8jjXR
- Size
  
  10KB
- MD5
  
  b3b36dbf184e4e73bc1939036af7b3d3
- SHA1
  
  1606269a3caa2251e90b81faa688619745d22d94
- SHA256
  
  ec404dcd1803afcd25cdeccdcea7078204e2a63789c2e02eb721bdfa94b20c98
- SHA512
  
  88c3994a80a5cbced62f9d01092f34bbced9e7c6f4959158569465227b38521942bce45333b5c80a25f82439b1c239f875cf730fdb9b129e0684373271aa1ea1
- SSDEEP
  
  96:AKQf4iKKwOfRrcLHLYRe5mvtgCsXe5oE9Anx/IJ:BQAkRrcLnoVNanx/0
Score

10^/10

discovery eternity spyware stealer
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Eternity family
  eternity
- Downloads MZ/PE file
- Drops startup file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

eternitydiscoveryspywarestealer

© 2018-2024

Terms | Privacy