echelon | 50ec312ca31e71d5128358026056711660baacc13e9a88af64363155dca7df79 | Triage

Submit
Reports

Overview

overview

Static

static

50ec312ca3...79.exe

windows7-x64

50ec312ca3...79.exe

windows10-2004-x64

Sharing

General

Target

50ec312ca31e71d5128358026056711660baacc13e9a88af64363155dca7df79
Size

659KB
Sample

240122-bfgrzsdeh9
MD5

e2812ccf1dd1f50c7a435e8c30b151a8
SHA1

0d76a779b75599e30a43f8a03f5581c8f3e19e2a
SHA256

50ec312ca31e71d5128358026056711660baacc13e9a88af64363155dca7df79
SHA512

c716c58a4c66cf27ea22c2e7042391d27209d138d01b4fdc14576d0f8546d62cebf7d9956c44705802df722e41bb45b9aff27a4e94afa04ec1230646d3885009
SSDEEP

12288:yA03baYUMm7XEOfQL32ikCaUS4csRBse6sfWnAA:yA03baYUBjfy3k94cunZenB

Score

10^/10

echelon spyware stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

50ec312ca31e71d5128358026056711660baacc13e9a88af64363155dca7df79.exe

Resource

win7-20231215-en

echelon spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

50ec312ca31e71d5128358026056711660baacc13e9a88af64363155dca7df79.exe

Resource

win10v2004-20231215-en

echelon spyware stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  50ec312ca31e71d5128358026056711660baacc13e9a88af64363155dca7df79
- Size
  
  659KB
- MD5
  
  e2812ccf1dd1f50c7a435e8c30b151a8
- SHA1
  
  0d76a779b75599e30a43f8a03f5581c8f3e19e2a
- SHA256
  
  50ec312ca31e71d5128358026056711660baacc13e9a88af64363155dca7df79
- SHA512
  
  c716c58a4c66cf27ea22c2e7042391d27209d138d01b4fdc14576d0f8546d62cebf7d9956c44705802df722e41bb45b9aff27a4e94afa04ec1230646d3885009
- SSDEEP
  
  12288:yA03baYUMm7XEOfQL32ikCaUS4csRBse6sfWnAA:yA03baYUBjfy3k94cunZenB
Score

10^/10

echelon spyware stealer
- Detects Echelon Stealer payload
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

echelonspywarestealer

behavioral2

echelonspywarestealer

© 2018-2024

Terms | Privacy