General
-
Target
ExLoader_Installer.exe
-
Size
6.9MB
-
Sample
210822-9jfv4zt6y6
-
MD5
e379e32a7ebab69886a166b052085e48
-
SHA1
2c91af7b4fe73dc260ac82d2b698a024ee1cd967
-
SHA256
1d936ea9fb383d4cc2138f2e6a1469321ad308b0b9a4e4ab062bd6d19da041bb
-
SHA512
afc68ee0f66389f0978f707c2f8ccc469fd9df0e82c7f317984cab5f4783ffc9f673a37edae2180e327dd23d8096d5d294769d13f8ac2baa3d28a38ee9b3ba6b
Malware Config
Targets
-
-
Target
ExLoader_Installer.exe
-
Size
6.9MB
-
MD5
e379e32a7ebab69886a166b052085e48
-
SHA1
2c91af7b4fe73dc260ac82d2b698a024ee1cd967
-
SHA256
1d936ea9fb383d4cc2138f2e6a1469321ad308b0b9a4e4ab062bd6d19da041bb
-
SHA512
afc68ee0f66389f0978f707c2f8ccc469fd9df0e82c7f317984cab5f4783ffc9f673a37edae2180e327dd23d8096d5d294769d13f8ac2baa3d28a38ee9b3ba6b
Score10/10-
Echelon
Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
-
suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
-
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-