General

  • Target

    45ab445f996969fefe0e530ec2827515_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240330-16s1dafg8t

  • MD5

    45ab445f996969fefe0e530ec2827515

  • SHA1

    6b0b2be8348c381051c54a5d3bdecd2d44d1abf2

  • SHA256

    6d8b3a1bf9dcc6fcd92a2388fb8e2dde25de097b50c4bbeff7a9e579c23bfc61

  • SHA512

    900d183f4491ed0e7c8c275226ecf64a25b3b0d44e7a71189a7a28ae6b1ae87bd7ea7e1eb4b2e6ecde3db5210a586632835d3adcd29e4e15679d181bdf92749b

  • SSDEEP

    24576:VqBk70TrcXkF3EPDA5AtiKhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRg:ykQTA06PD7o54clgLH+tkWJ0NG

Score
10/10

Malware Config

Targets

    • Target

      45ab445f996969fefe0e530ec2827515_JaffaCakes118

    • Size

      1.5MB

    • MD5

      45ab445f996969fefe0e530ec2827515

    • SHA1

      6b0b2be8348c381051c54a5d3bdecd2d44d1abf2

    • SHA256

      6d8b3a1bf9dcc6fcd92a2388fb8e2dde25de097b50c4bbeff7a9e579c23bfc61

    • SHA512

      900d183f4491ed0e7c8c275226ecf64a25b3b0d44e7a71189a7a28ae6b1ae87bd7ea7e1eb4b2e6ecde3db5210a586632835d3adcd29e4e15679d181bdf92749b

    • SSDEEP

      24576:VqBk70TrcXkF3EPDA5AtiKhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRg:ykQTA06PD7o54clgLH+tkWJ0NG

    Score
    10/10
    • Detects Echelon Stealer payload

    • Echelon

      Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks