echelon | 18f6c675acef58163ad7322fbbaf75ac8d92c50e3f4e2dd02f26bbc4a93f4262 | Triage

Sharing

General

Target

stpastio.exe
Size

1.0MB
Sample

210730-vdr2r6k4q6
MD5

76240af1d6ebffbf210af7d95b59b97e
SHA1

8f029dfb9a98bd1c34335010c97780ac3f602d61
SHA256

18f6c675acef58163ad7322fbbaf75ac8d92c50e3f4e2dd02f26bbc4a93f4262
SHA512

71f2a9bb9a3ba9b0123fa302c6a96f9ff5b58be7804d1a84c170c4b69173428ddbc6807e91e034b23f83db9b51dfb8c6c7ae439fb822b7887927e5c84c007687

Score

10^/10

echelon spyware stealer

Malware Config

Targets

- Target
  
  stpastio.exe
- Size
  
  1.0MB
- MD5
  
  76240af1d6ebffbf210af7d95b59b97e
- SHA1
  
  8f029dfb9a98bd1c34335010c97780ac3f602d61
- SHA256
  
  18f6c675acef58163ad7322fbbaf75ac8d92c50e3f4e2dd02f26bbc4a93f4262
- SHA512
  
  71f2a9bb9a3ba9b0123fa302c6a96f9ff5b58be7804d1a84c170c4b69173428ddbc6807e91e034b23f83db9b51dfb8c6c7ae439fb822b7887927e5c84c007687
Score

10^/10

echelon spyware stealer
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

echelonspywarestealer

behavioral2