echelon | fa4bfaa4c5710bc2e0ee0a9030015413708c347b1b753782164b622bd7efe727 | Triage

Submit
Reports

Overview

overview

Static

static

fa4bfaa4c5...27.exe

windows7-x64

fa4bfaa4c5...27.exe

windows10-2004-x64

Sharing

General

Target

fa4bfaa4c5710bc2e0ee0a9030015413708c347b1b753782164b622bd7efe727
Size

654KB
Sample

240122-bk6a5sdcbj
MD5

5e280ffb77936e4b4fa7a697f8dca51f
SHA1

33383e8f7135a609f18907ced91290bb43d19aa7
SHA256

fa4bfaa4c5710bc2e0ee0a9030015413708c347b1b753782164b622bd7efe727
SHA512

8b16968ffe4eb3bfa8e962129f59bc6b7b0e1c77ac4814820960defdda0ad96464af51fcd5814063ea0e8e2f26ca7c983bed286d79cd320a0fa23f3d8a9eca77
SSDEEP

12288:1Lx7XSz9yWCQL32ikCaUS4csRBse6sfWyAA:1LBc90y3k94cunZeyB

Score

10^/10

echelon spyware stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

fa4bfaa4c5710bc2e0ee0a9030015413708c347b1b753782164b622bd7efe727.exe

Resource

win7-20231215-en

echelon spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

fa4bfaa4c5710bc2e0ee0a9030015413708c347b1b753782164b622bd7efe727.exe

Resource

win10v2004-20231215-en

echelon spyware stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  fa4bfaa4c5710bc2e0ee0a9030015413708c347b1b753782164b622bd7efe727
- Size
  
  654KB
- MD5
  
  5e280ffb77936e4b4fa7a697f8dca51f
- SHA1
  
  33383e8f7135a609f18907ced91290bb43d19aa7
- SHA256
  
  fa4bfaa4c5710bc2e0ee0a9030015413708c347b1b753782164b622bd7efe727
- SHA512
  
  8b16968ffe4eb3bfa8e962129f59bc6b7b0e1c77ac4814820960defdda0ad96464af51fcd5814063ea0e8e2f26ca7c983bed286d79cd320a0fa23f3d8a9eca77
- SSDEEP
  
  12288:1Lx7XSz9yWCQL32ikCaUS4csRBse6sfWyAA:1LBc90y3k94cunZeyB
Score

10^/10

echelon spyware stealer
- Detects Echelon Stealer payload
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

echelonspywarestealer

behavioral2

echelonspywarestealer

© 2018-2024

Terms | Privacy