General

  • Target

    cd4ba6a5ecbcbaa727b4da9e16c9f960

  • Size

    1.2MB

  • Sample

    210624-65k7f4nnla

  • MD5

    cd4ba6a5ecbcbaa727b4da9e16c9f960

  • SHA1

    9da58c60081a3c3120460d7d8923be3bd65882bc

  • SHA256

    699724f6a8610c280586bf239477584de4e456b8e6f2aff27fce8c0b41bb56c9

  • SHA512

    f327b53e47d08637d2421c26abed83079c45a67f945bf0440cae0c4817b842be1b32684d9546bd7f1d442e9b9009d2e9fc518262759be86f35a430bc8eb42c37

Score
10/10

Targets

    Score
    10/10
    • Echelon

      Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
