echelon | 86f2fcc5ac4a7e5af68c2814b3fbc96c96df589fc92db49e6cf79e19c95f26ca | Triage

Submit
Reports

Overview

overview

Static

static

Win1030SEC

windows10_x64

Sharing

General

Target

Phantom.rar
Size

1.1MB
Sample

210501-cpjt1q6kjx
MD5

35340aa36cf701451ae020f4e916a774
SHA1

a36917c71ad5f14b3da2e0c74f9197c6d1c49773
SHA256

86f2fcc5ac4a7e5af68c2814b3fbc96c96df589fc92db49e6cf79e19c95f26ca
SHA512

7626581b9f3e389f4349eb72932010b9fc57d834662a25508bfae221ed7d072ec881360d92acf1cbac384510cef4a746857cb8c2a8ad153974c75f5faabaf7fd

Score

10^/10

echelon spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Phantom.exe

Resource

win10v20210408

echelon spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Phantom.exe
- Size
  
  1.5MB
- MD5
  
  de410adc180c797cacd651d8cdce4bf5
- SHA1
  
  4366c4de79abd01a8e4fc8cb135807f857a7acdd
- SHA256
  
  3d5f85346e83ad7a3c1e881c20afc95dd4d7ddf0a1372e47193761225e054cd4
- SHA512
  
  d1c38390395fa720460b2188be6a96bbaa4f34c642d5e827f5e3c4ab9f14b7d8d77ec73691a514902671a0b796e4aebd2269b20a71570dc1e4095ee69988bff0
Score

10^/10

echelon spyware stealer
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

echelonspywarestealer

© 2018-2024

Terms | Privacy