echelon | 5846a8f96c27b089cbb3cba02aeb3b60a8b4fb0a9083b1414474e86ca92c79d0 | Triage

Sharing

General

Target

Lucky_Execute.bin
Size

1.0MB
Sample

210408-tmez342q6j
MD5

0a8d7545824b45b1b49fe4edabfa7ed4
SHA1

aa2bdeca74c0a49a3c7305cfd477e6ef1317b7a2
SHA256

5846a8f96c27b089cbb3cba02aeb3b60a8b4fb0a9083b1414474e86ca92c79d0
SHA512

81b2b00883270bdae2c75c999b3b98bef9325c5af3ecd7afa0dcbecd4220531046a464713d9b75b54c8e960ada2167191477541724b548289fec1bb42087c669

Score

10^/10

echelon spyware stealer

Malware Config

Targets

- Target
  
  Lucky_Execute.bin
- Size
  
  1.0MB
- MD5
  
  0a8d7545824b45b1b49fe4edabfa7ed4
- SHA1
  
  aa2bdeca74c0a49a3c7305cfd477e6ef1317b7a2
- SHA256
  
  5846a8f96c27b089cbb3cba02aeb3b60a8b4fb0a9083b1414474e86ca92c79d0
- SHA512
  
  81b2b00883270bdae2c75c999b3b98bef9325c5af3ecd7afa0dcbecd4220531046a464713d9b75b54c8e960ada2167191477541724b548289fec1bb42087c669
Score

10^/10

echelon spyware stealer
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

echelonspywarestealer

behavioral2