echelon | eee4fba673b357a74ced02afde9f0dd7cf44c88e56c4eec83e3c958435d1dc10 | Triage

Sharing

General

Target

020cb440a198e13ef81ba5b21285450d
Size

1.0MB
Sample

231229-yd22gagef9
MD5

020cb440a198e13ef81ba5b21285450d
SHA1

779a7f07be3f27b7e22ed41496570685f49c4fb7
SHA256

eee4fba673b357a74ced02afde9f0dd7cf44c88e56c4eec83e3c958435d1dc10
SHA512

5e21500f46a1c1c5504e0c1a7f4c0a2f457bffc5438e96d843f09d1dacb8336381fe5e8a3c8f81be3a72f32969dc5b07b2bb734d553733d113aa70538c3566ad
SSDEEP

24576:mfQYosxhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRt+G:Uo54clgLH+tkWJ0Nb

Score

10^/10

echelon spyware stealer

Malware Config

Targets

- Target
  
  020cb440a198e13ef81ba5b21285450d
- Size
  
  1.0MB
- MD5
  
  020cb440a198e13ef81ba5b21285450d
- SHA1
  
  779a7f07be3f27b7e22ed41496570685f49c4fb7
- SHA256
  
  eee4fba673b357a74ced02afde9f0dd7cf44c88e56c4eec83e3c958435d1dc10
- SHA512
  
  5e21500f46a1c1c5504e0c1a7f4c0a2f457bffc5438e96d843f09d1dacb8336381fe5e8a3c8f81be3a72f32969dc5b07b2bb734d553733d113aa70538c3566ad
- SSDEEP
  
  24576:mfQYosxhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRt+G:Uo54clgLH+tkWJ0Nb
Score

10^/10

echelon spyware stealer
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

echelonspywarestealer