echelon | c3a19079975435934b29b6240b39aea2c5695657cbec4d5e27d862edf1c61c7a | Triage

Submit
Reports

Overview

overview

Static

static

d6ca1276e7...4c.exe

windows7-x64

d6ca1276e7...4c.exe

windows10-2004-x64

Sharing

General

Target

d6ca1276e7b7d3cb2b80c923344d224c
Size

1.0MB
Sample

240319-wvvydaag73
MD5

d6ca1276e7b7d3cb2b80c923344d224c
SHA1

aba6992aff5b194d04b003bfeeca7bb4ff7c94e3
SHA256

c3a19079975435934b29b6240b39aea2c5695657cbec4d5e27d862edf1c61c7a
SHA512

727ef205904c12df9b4b85323f54913f07fde65f4cd715ecdb6345ba65fd6be0b0b95e89759036f9a0c90ba4c17616c25707996f0aed93d57970c84b240056e5
SSDEEP

24576:tjE5uYGhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRyE:1o54clgLH+tkWJ0N9

Score

10^/10

echelon spyware stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

d6ca1276e7b7d3cb2b80c923344d224c.exe

Resource

win7-20240221-en

echelon spyware stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d6ca1276e7b7d3cb2b80c923344d224c.exe

Resource

win10v2004-20240226-en

echelon spyware stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  d6ca1276e7b7d3cb2b80c923344d224c
- Size
  
  1.0MB
- MD5
  
  d6ca1276e7b7d3cb2b80c923344d224c
- SHA1
  
  aba6992aff5b194d04b003bfeeca7bb4ff7c94e3
- SHA256
  
  c3a19079975435934b29b6240b39aea2c5695657cbec4d5e27d862edf1c61c7a
- SHA512
  
  727ef205904c12df9b4b85323f54913f07fde65f4cd715ecdb6345ba65fd6be0b0b95e89759036f9a0c90ba4c17616c25707996f0aed93d57970c84b240056e5
- SSDEEP
  
  24576:tjE5uYGhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRyE:1o54clgLH+tkWJ0N9
Score

10^/10

echelon spyware stealer
- Detects Echelon Stealer payload
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

echelonspywarestealer

behavioral2

echelonspywarestealer

© 2018-2024

Terms | Privacy