Overview

overview

10

Static

static

10

Hack.exe

windows7_x64

10

Hack.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Hack.exe

  • Size

    1.2MB

  • Sample

    200827-vbknlwtr8x

  • MD5

    fed2a8736c84eda9dcc8533b5019f7d8

  • SHA1

    b2dbb7a42d46f9f694912b9d0554e10c0240952a

  • SHA256

    264662e60005a099f9aaaa88e1dcee1381a3a187a158fdfbc40bbd5024407cb1

  • SHA512

    ae7778829b3fb66b2e7bed20e6ae1e8ae86b3f7d4279b554416cc1cc71df4a766cd0199ba914b2de31b3bba4db42d0b99bd07f7228aaacf5a80ed582e00c9ec3

Score
10/10
darkstealerechelondiscoveryspywarestealer

Malware Config

Targets

    • Target

      Hack.exe

    • Size

      1.2MB

    • MD5

      fed2a8736c84eda9dcc8533b5019f7d8

    • SHA1

      b2dbb7a42d46f9f694912b9d0554e10c0240952a

    • SHA256

      264662e60005a099f9aaaa88e1dcee1381a3a187a158fdfbc40bbd5024407cb1

    • SHA512

      ae7778829b3fb66b2e7bed20e6ae1e8ae86b3f7d4279b554416cc1cc71df4a766cd0199ba914b2de31b3bba4db42d0b99bd07f7228aaacf5a80ed582e00c9ec3

    Score
    10/10
    echelondiscoveryspywarestealer

    • Echelon

      Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.

      stealerspywareechelon

    • Echelon log file

      Detects a log file produced by Echelon.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks