eternity | 9602514ab2e12bcba98dd4d6c655d41ed27cf6f39303bd111b479b697e6e76b8 | Triage

Sharing

General

Target

Toxia.exe
Size

1.3MB
Sample

241220-16cy6awkhr
MD5

418e10ef96829bcc4e1cf401a9292a79
SHA1

f1b3c5191cdb167bc92110cd3228eac1d7826314
SHA256

9602514ab2e12bcba98dd4d6c655d41ed27cf6f39303bd111b479b697e6e76b8
SHA512

12c648f2fe83c98f65ed3b23b1e5021e398330afc13ebaf7626a61530ec6ad9c1eb5b418501891c606b0aef400ee71c01e18e9f58910de1e3f7578d4cc92af13
SSDEEP

12288:HTEYAsROAsrt/uxduo1jB0Y96qc29b2kt364qPyPJ1eC09OjrILrnSqvSqGsfZ2f:HwT7rC6qdt36bPeJpZKTI6ot3

Score

10^/10

eternity discovery spyware stealer

Malware Config

Targets

- Target
  
  Toxia.exe
- Size
  
  1.3MB
- MD5
  
  418e10ef96829bcc4e1cf401a9292a79
- SHA1
  
  f1b3c5191cdb167bc92110cd3228eac1d7826314
- SHA256
  
  9602514ab2e12bcba98dd4d6c655d41ed27cf6f39303bd111b479b697e6e76b8
- SHA512
  
  12c648f2fe83c98f65ed3b23b1e5021e398330afc13ebaf7626a61530ec6ad9c1eb5b418501891c606b0aef400ee71c01e18e9f58910de1e3f7578d4cc92af13
- SSDEEP
  
  12288:HTEYAsROAsrt/uxduo1jB0Y96qc29b2kt364qPyPJ1eC09OjrILrnSqvSqGsfZ2f:HwT7rC6qdt36bPeJpZKTI6ot3
Score

10^/10

eternity spyware stealer discovery
- Detects Eternity stealer
  stealer
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Eternity family
  eternity
- Drops startup file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

stealereternity

behavioral1

eternityspywarestealer

behavioral2

eternitydiscoveryspywarestealer