General

  • Target

    69fa727ccf84c2f677b7231960fdb1c9

  • Size

    1.3MB

  • Sample

    240120-kkwalsfda4

  • MD5

    69fa727ccf84c2f677b7231960fdb1c9

  • SHA1

    a61943b826df64a1421441539f9703b9954d43d6

  • SHA256

    ede17bc45691636246b55b5d49a02fbdbee75ceb4d38dc8a04ee42bf8135d98c

  • SHA512

    021b930990e68b97da5afc4907656a3a7398e459b313580a00f5c61a40d92b45a04cfd7680450162284903866744e3d5237176b84ccd86efe1214c88164051f6

  • SSDEEP

    24576:Ov9MKQ72cZzFoipVyN31n4sOzTuGag+7B9OE395ghhig:kc72cRCEmn4sOYjB9OOv6V

Malware Config

Targets

    • Target

      69fa727ccf84c2f677b7231960fdb1c9

    • Size

      1.3MB

    • MD5

      69fa727ccf84c2f677b7231960fdb1c9

    • SHA1

      a61943b826df64a1421441539f9703b9954d43d6

    • SHA256

      ede17bc45691636246b55b5d49a02fbdbee75ceb4d38dc8a04ee42bf8135d98c

    • SHA512

      021b930990e68b97da5afc4907656a3a7398e459b313580a00f5c61a40d92b45a04cfd7680450162284903866744e3d5237176b84ccd86efe1214c88164051f6

    • SSDEEP

      24576:Ov9MKQ72cZzFoipVyN31n4sOzTuGag+7B9OE395ghhig:kc72cRCEmn4sOYjB9OOv6V

    • Detects Echelon Stealer payload

    • Echelon

      Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.

    • Detected potential entity reuse from brand microsoft.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks