echelon | 2da5d10cdba79d8a8153eaf7ab3d4aad3afaf14c6d9098f7720858c61910948c | Triage

Submit
Reports

Overview

overview

Static

static

Lucky Fixed.exe

windows7_x64

8

Lucky Fixed.exe

windows10-2004_x64

Sharing

General

Target

Lucky Fixed.bin
Size

1.5MB
Sample

220711-plk89abdb8
MD5

02346b31c94a650a16dea1a262db5153
SHA1

a301b0d05d01a35b6e893d3d2ebe9bf8985ae434
SHA256

2da5d10cdba79d8a8153eaf7ab3d4aad3afaf14c6d9098f7720858c61910948c
SHA512

1b6bd5adc407829ffbfadea6e4d37b0b21baaac926fd909ed9fe0c7084a2f432df11a2640dd6423cff9a8beb0b4e11b272c2a02f48f75b64dc25f8b109838c9a

Score

10^/10

echelon spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Lucky Fixed.exe

Resource

win7-20220414-en

spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Lucky Fixed.exe

Resource

win10v2004-20220414-en

echelon spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Lucky Fixed.bin
- Size
  
  1.5MB
- MD5
  
  02346b31c94a650a16dea1a262db5153
- SHA1
  
  a301b0d05d01a35b6e893d3d2ebe9bf8985ae434
- SHA256
  
  2da5d10cdba79d8a8153eaf7ab3d4aad3afaf14c6d9098f7720858c61910948c
- SHA512
  
  1b6bd5adc407829ffbfadea6e4d37b0b21baaac926fd909ed9fe0c7084a2f432df11a2640dd6423cff9a8beb0b4e11b272c2a02f48f75b64dc25f8b109838c9a
Score

10^/10

spyware stealer echelon
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

echelonspywarestealer

© 2018-2024

Terms | Privacy