echelon | 6d5e3ff4357858fd6bbab3840d78714f9126a5cae6771ba45b833108c2da8b6f | Triage

Submit
Reports

Overview

overview

Static

static

RegAsm.bin.exe

windows7_x64

6

RegAsm.bin.exe

windows10_x64

Sharing

General

Target

RegAsm.bin
Size

649KB
Sample

200921-t88w3lhtn2
MD5

91f2eb065ad2dc3a29b1f28668342e56
SHA1

1b5013438a97d9a620a6ddaf687f5e31b58fca00
SHA256

6d5e3ff4357858fd6bbab3840d78714f9126a5cae6771ba45b833108c2da8b6f
SHA512

972ed645179e5521722b7ec484f216d45c975cbaf168f794ae2457512697e30741fa7a973f59a4da9752cfe290e3cbf57bcf2d5f8445a3287de42f1c5479c441

Score

10^/10

echelon discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

RegAsm.bin.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RegAsm.bin.exe

Resource

win10v200722

discovery stealer spyware echelon

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  RegAsm.bin
- Size
  
  649KB
- MD5
  
  91f2eb065ad2dc3a29b1f28668342e56
- SHA1
  
  1b5013438a97d9a620a6ddaf687f5e31b58fca00
- SHA256
  
  6d5e3ff4357858fd6bbab3840d78714f9126a5cae6771ba45b833108c2da8b6f
- SHA512
  
  972ed645179e5521722b7ec484f216d45c975cbaf168f794ae2457512697e30741fa7a973f59a4da9752cfe290e3cbf57bcf2d5f8445a3287de42f1c5479c441
Score

10^/10

discovery stealer spyware echelon
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Accesses cryptocurrency wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoverystealerspywareechelon

© 2018-2024

Terms | Privacy