SYMBOLCOMMON_NAMEaka. SYNONYMS
win.bookofeli (Back to overview)

Book of Eli


This in .Net written malware is a classic information stealer. It can collect various information and can be depoyed in different configurations: "The full-featured version of the malware can log keystrokes, collect profile files of Mozilla Firefox and Google Chrome browsers, record sound from the microphone, grab desktop screenshots, capture photo from the webcam, and collect information about the version of the operation system and installed anti-virus software." (ESET)
This malware has been active since at least 2012.

References
2016-09-22ESET ResearchAnton Cherepanov
Book of Eli: African targeted attacks
Book of Eli

There is no Yara-Signature yet.