echelon | ede17bc45691636246b55b5d49a02fbdbee75ceb4d38dc8a04ee42bf8135d98c | Triage

Submit
Reports

Overview

overview

Static

static

3

69fa727ccf...c9.exe

windows7-x64

69fa727ccf...c9.exe

windows10-2004-x64

Sharing

General

Target

69fa727ccf84c2f677b7231960fdb1c9
Size

1.3MB
Sample

240120-kkwalsfda4
MD5

69fa727ccf84c2f677b7231960fdb1c9
SHA1

a61943b826df64a1421441539f9703b9954d43d6
SHA256

ede17bc45691636246b55b5d49a02fbdbee75ceb4d38dc8a04ee42bf8135d98c
SHA512

021b930990e68b97da5afc4907656a3a7398e459b313580a00f5c61a40d92b45a04cfd7680450162284903866744e3d5237176b84ccd86efe1214c88164051f6
SSDEEP

24576:Ov9MKQ72cZzFoipVyN31n4sOzTuGag+7B9OE395ghhig:kc72cRCEmn4sOYjB9OOv6V

Score

10^/10

echelon microsoft phishing spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

69fa727ccf84c2f677b7231960fdb1c9.exe

Resource

win7-20231215-en

echelon spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

69fa727ccf84c2f677b7231960fdb1c9.exe

Resource

win10v2004-20231215-en

echelon microsoft phishing spyware stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  69fa727ccf84c2f677b7231960fdb1c9
- Size
  
  1.3MB
- MD5
  
  69fa727ccf84c2f677b7231960fdb1c9
- SHA1
  
  a61943b826df64a1421441539f9703b9954d43d6
- SHA256
  
  ede17bc45691636246b55b5d49a02fbdbee75ceb4d38dc8a04ee42bf8135d98c
- SHA512
  
  021b930990e68b97da5afc4907656a3a7398e459b313580a00f5c61a40d92b45a04cfd7680450162284903866744e3d5237176b84ccd86efe1214c88164051f6
- SSDEEP
  
  24576:Ov9MKQ72cZzFoipVyN31n4sOzTuGag+7B9OE395ghhig:kc72cRCEmn4sOYjB9OOv6V
Score

10^/10

echelon spyware stealer microsoft phishing
- Detects Echelon Stealer payload
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

echelonspywarestealer

behavioral2

echelonmicrosoftphishingspywarestealer

© 2018-2024

Terms | Privacy