echelon | 5858a2b22cd3ebe442cab79eb456974313a4a3a2d91d99943046a644640f5020 | Triage

Sharing

General

Target

Vape v4 crack by dea.exe
Size

1.0MB
Sample

240628-2ywa7svapc
MD5

a6ebc0f0c47859be4cf6979aef8282e0
SHA1

7566d5588d76ba3d800af3d60b49dd6ef589ea05
SHA256

5858a2b22cd3ebe442cab79eb456974313a4a3a2d91d99943046a644640f5020
SHA512

fd62d64f2ff0c05d733cfa80eeadb3375515ed0c3db912c3fd9eaccc4f5210e4b51ff6075b31fb7d4025305b4185d54a48fc58cfd999466077b26ba0e90a80a5
SSDEEP

24576:GfQYMfhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRF+G:9o54clgLH+tkWJ0Nj

Score

10^/10

echelon spyware stealer

Malware Config

Targets

- Target
  
  Vape v4 crack by dea.exe
- Size
  
  1.0MB
- MD5
  
  a6ebc0f0c47859be4cf6979aef8282e0
- SHA1
  
  7566d5588d76ba3d800af3d60b49dd6ef589ea05
- SHA256
  
  5858a2b22cd3ebe442cab79eb456974313a4a3a2d91d99943046a644640f5020
- SHA512
  
  fd62d64f2ff0c05d733cfa80eeadb3375515ed0c3db912c3fd9eaccc4f5210e4b51ff6075b31fb7d4025305b4185d54a48fc58cfd999466077b26ba0e90a80a5
- SSDEEP
  
  24576:GfQYMfhhUF54clNf7+6uHAW92zt/sWu2BSMCqDoRF+G:9o54clgLH+tkWJ0Nj
Score

10^/10

echelon spyware stealer
- Echelon
  Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.
  stealer spyware echelon
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

echelonspywarestealer