General
-
Target
627252e2739bca3c1ffacc25cda7e5de
-
Size
746KB
-
Sample
240117-mymazadgdr
-
MD5
627252e2739bca3c1ffacc25cda7e5de
-
SHA1
d8f843a86d8ce0f209b9ee2b5212ebced41bf095
-
SHA256
69a91c5ec25c9d0f145bf8b6429483d45f1945511887afcbdddd2c1a3de82c27
-
SHA512
0e1a8c26f8d68c76e31ba64adde179dd0ac23182d8633a0a50c2ea86160c20783f6b1c5127641710383d0169d54e92de81b2c7c416a7dd3854bd919b5e590f8d
-
SSDEEP
12288:ieJKTFl3iZlnBB9fgsBemxiO9WzfBEHht/Tn6flqFxmXxrVw09Vjy/QA:1a3iPBB94ae62JEBhT6flqz709Vjy/R
Malware Config
Targets
-
-
Target
627252e2739bca3c1ffacc25cda7e5de
-
Size
746KB
-
MD5
627252e2739bca3c1ffacc25cda7e5de
-
SHA1
d8f843a86d8ce0f209b9ee2b5212ebced41bf095
-
SHA256
69a91c5ec25c9d0f145bf8b6429483d45f1945511887afcbdddd2c1a3de82c27
-
SHA512
0e1a8c26f8d68c76e31ba64adde179dd0ac23182d8633a0a50c2ea86160c20783f6b1c5127641710383d0169d54e92de81b2c7c416a7dd3854bd919b5e590f8d
-
SSDEEP
12288:ieJKTFl3iZlnBB9fgsBemxiO9WzfBEHht/Tn6flqFxmXxrVw09Vjy/QA:1a3iPBB94ae62JEBhT6flqz709Vjy/R
Score10/10-
Echelon
Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-