General
-
Target
a595e1cc3c5290e7ecb3ad3a38f1a2794841f4884aae649aaf76da86b5e719c5
-
Size
592KB
-
Sample
240512-bsw3fahh8t
-
MD5
3c61bbe303455f65105343eb704427f7
-
SHA1
cc26191729c29800dad8f60621f4a3ec98ccd989
-
SHA256
a595e1cc3c5290e7ecb3ad3a38f1a2794841f4884aae649aaf76da86b5e719c5
-
SHA512
0c44c3e0e7fac188316e1331521fa8196302abd842c55e412bdce97619d145bcf97f9d72208d4c94c39abce35bbb05fb18f8a044898fc3ad37af6048192c3129
-
SSDEEP
12288:dDa2QVOu+ZLJLUf9snBS4csPYae6qfzmAA:SOu+hhUF54clNf7mB
Behavioral task
behavioral1
Sample
a595e1cc3c5290e7ecb3ad3a38f1a2794841f4884aae649aaf76da86b5e719c5.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
a595e1cc3c5290e7ecb3ad3a38f1a2794841f4884aae649aaf76da86b5e719c5.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Score
10/10
-
Detects Echelon Stealer payload
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-