eternity | a9f6ca54ef2bf71e056c7ad098f64aa6f558ed2827b212b0a817877a4e43466c | Triage

Submit
Reports

Overview

overview

Static

static

1

! Prefabs.txt

windows10-2004-x64

Resubmissions

18-12-2024 21:59

241218-1v489strcn 10

18-12-2024 21:54

241218-1sk3lstjct 6

Sharing

General

Target

! Prefabs.txt
Size

17KB
Sample

241218-1v489strcn
MD5

6fc06edcb562b363ae47fe9dd553b23e
SHA1

2bddabe7eb5851cc685ff0ce6639d6654d76380b
SHA256

a9f6ca54ef2bf71e056c7ad098f64aa6f558ed2827b212b0a817877a4e43466c
SHA512

9143645b5b11d75361fcd81865464690641bd7a26fb5a6c1bc333a3fe13fa43aa35913faa3a615bafc814325afa7dd96f2a789b2cdea0a70034f073db32416ae
SSDEEP

384:7iF7lV68CrBAOVVCbGV6SqZdQNCR88Tg7AlkuYiLhPxb8kwL2V:u5rOrC86SqUCfg7AlkuYiLRxbTIq

Score

10^/10

eternity discovery evasion stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

! Prefabs.txt

Resource

win10v2004-20241007-en

eternity discovery evasion stealer trojan

windows10-2004-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  ! Prefabs.txt
- Size
  
  17KB
- MD5
  
  6fc06edcb562b363ae47fe9dd553b23e
- SHA1
  
  2bddabe7eb5851cc685ff0ce6639d6654d76380b
- SHA256
  
  a9f6ca54ef2bf71e056c7ad098f64aa6f558ed2827b212b0a817877a4e43466c
- SHA512
  
  9143645b5b11d75361fcd81865464690641bd7a26fb5a6c1bc333a3fe13fa43aa35913faa3a615bafc814325afa7dd96f2a789b2cdea0a70034f073db32416ae
- SSDEEP
  
  384:7iF7lV68CrBAOVVCbGV6SqZdQNCR88Tg7AlkuYiLhPxb8kwL2V:u5rOrC86SqUCfg7AlkuYiLRxbTIq
Score

10^/10

eternity discovery evasion stealer trojan
- Contains code to disable Windows Defender
  A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Eternity family
  eternity
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Drops startup file
- Executes dropped EXE
- Windows security modification
  evasion trojan
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

eternitydiscoveryevasionstealertrojan

© 2018-2024

Terms | Privacy