General
-
Target
9.exe
-
Size
1.0MB
-
Sample
210813-an61xpx6e6
-
MD5
6016445d4e3cee2e3efc99f412e9dadc
-
SHA1
c2340620feee283fa98bf67b468b73c6868bbe0b
-
SHA256
a6960926d530880cde47a08146cb733b1b69fad3cd30b8af4d7afa999254e3c0
-
SHA512
cd23c3b8ee689e49d0c3d3c58bb82af15449edad2a51ce8d56063fb12a4f05b57fcd866175844dd371ba4f3366cf9ad5da9183cf4fa09ca20f5cef887d59c19a
Malware Config
Targets
-
-
Target
9.exe
-
Size
1.0MB
-
MD5
6016445d4e3cee2e3efc99f412e9dadc
-
SHA1
c2340620feee283fa98bf67b468b73c6868bbe0b
-
SHA256
a6960926d530880cde47a08146cb733b1b69fad3cd30b8af4d7afa999254e3c0
-
SHA512
cd23c3b8ee689e49d0c3d3c58bb82af15449edad2a51ce8d56063fb12a4f05b57fcd866175844dd371ba4f3366cf9ad5da9183cf4fa09ca20f5cef887d59c19a
Score10/10-
Echelon
Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
-
suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
-
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-