General
-
Target
7f5150f3f8c7d4ddc347145febe6298261cd3202cccb13eae92b3bb5d1f51aad
-
Size
733KB
-
Sample
220131-d8ejfaedgm
-
MD5
670c1c408f78531edb204032e6ec1d9a
-
SHA1
cf349c4cc53c3b77ac4f7fecdfe892c3ca685f38
-
SHA256
7f5150f3f8c7d4ddc347145febe6298261cd3202cccb13eae92b3bb5d1f51aad
-
SHA512
db786392d6f470c23459ad793fb2ac5637a973aee1a27984e0a91f4721635017555a7409786cd85ed1604171a4fa8ce812f88d156468e006658d4edc83151f48
Malware Config
Targets
-
-
Target
7f5150f3f8c7d4ddc347145febe6298261cd3202cccb13eae92b3bb5d1f51aad
-
Size
733KB
-
MD5
670c1c408f78531edb204032e6ec1d9a
-
SHA1
cf349c4cc53c3b77ac4f7fecdfe892c3ca685f38
-
SHA256
7f5150f3f8c7d4ddc347145febe6298261cd3202cccb13eae92b3bb5d1f51aad
-
SHA512
db786392d6f470c23459ad793fb2ac5637a973aee1a27984e0a91f4721635017555a7409786cd85ed1604171a4fa8ce812f88d156468e006658d4edc83151f48
Score10/10-
Echelon
Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-