echelon | a5c068511e7487b6744f53abf21f09a23345a287a7858850e564143c56b5198d | Triage

Submit
Reports

Overview

overview

Static

static

a5c068511e...8d.exe

windows7-x64

a5c068511e...8d.exe

windows10-2004-x64

Sharing

General

Target

a5c068511e7487b6744f53abf21f09a23345a287a7858850e564143c56b5198d
Size

659KB
Sample

240122-bc68gadaek
MD5

e00956f5cb4af999fd7b334fa4e82543
SHA1

d53769bf9dd345a7fb8b5c8c15e840cf7ee0b1e9
SHA256

a5c068511e7487b6744f53abf21f09a23345a287a7858850e564143c56b5198d
SHA512

4ba8d9b6c3b7c5aa53132e38c0bde4fb1877656ef49a0c24676a363ea4a5aac8514cd91ea23049acb2b48a63c7fd4dba2b2efce8ee196e46015bea6d909a8771
SSDEEP

12288:DA03baVb7aXESXQL32ikCaUS4csRBse6sfWEAA:DA03baVbOnXy3k94cunZeEB

Score

10^/10

echelon spyware stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

a5c068511e7487b6744f53abf21f09a23345a287a7858850e564143c56b5198d.exe

Resource

win7-20231215-en

echelon spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

a5c068511e7487b6744f53abf21f09a23345a287a7858850e564143c56b5198d.exe

Resource

win10v2004-20231222-en

echelon spyware stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  a5c068511e7487b6744f53abf21f09a23345a287a7858850e564143c56b5198d
- Size
  
  659KB
- MD5
  
  e00956f5cb4af999fd7b334fa4e82543
- SHA1
  
  d53769bf9dd345a7fb8b5c8c15e840cf7ee0b1e9
- SHA256
  
  a5c068511e7487b6744f53abf21f09a23345a287a7858850e564143c56b5198d
- SHA512
  
  4ba8d9b6c3b7c5aa53132e38c0bde4fb1877656ef49a0c24676a363ea4a5aac8514cd91ea23049acb2b48a63c7fd4dba2b2efce8ee196e46015bea6d909a8771
- SSDEEP
  
  12288:DA03baVb7aXESXQL32ikCaUS4csRBse6sfWEAA:DA03baVbOnXy3k94cunZeEB
Score

10^/10

echelon spyware stealer
- Detects Echelon Stealer payload
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

echelonspywarestealer

behavioral2

echelonspywarestealer

© 2018-2024

Terms | Privacy