General
-
Target
8931484a695b8055ecfd531ca1ca50142c511a1f40f363b04d5834ca79edbd3d
-
Size
581KB
-
Sample
240628-cd65jaxgmq
-
MD5
c37b269ea7a17ff2991ab3047e1ab5ae
-
SHA1
ee54cbb01b1370122983ad181659ead7bc134c7a
-
SHA256
8931484a695b8055ecfd531ca1ca50142c511a1f40f363b04d5834ca79edbd3d
-
SHA512
c23c70d2d477ac5cdfda9068c91b4a6c9ad382aca7610c54cbdcf80bc86b602cdb2a330fe93d59dee3df43e71dffc19ae65f9dade8804616d3b592ba59b915ff
-
SSDEEP
12288:YctvPYVlNWEZkVlVrKZLJLUf9snBS4csPYae6qfzPAA:hsErKhhUF54clNf7PB
Behavioral task
behavioral1
Sample
8931484a695b8055ecfd531ca1ca50142c511a1f40f363b04d5834ca79edbd3d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8931484a695b8055ecfd531ca1ca50142c511a1f40f363b04d5834ca79edbd3d.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
8931484a695b8055ecfd531ca1ca50142c511a1f40f363b04d5834ca79edbd3d
-
Score
10/10
-
Detects Echelon Stealer payload
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-