General
-
Target
Electron_V3.rar
-
Size
9.2MB
-
Sample
240528-sbqb1ahf6s
-
MD5
72a7fdf07acb23c766a653c7c4db9a2c
-
SHA1
053763465cda1a72193fd9111cc0dbdafa420fcb
-
SHA256
b7fb92797050adc11db38c3f044cc4669938b706a4909ddc7dd9bebe9a3aa2c4
-
SHA512
4925aa6a684d078aeefd827d6fa30c320beb8e03a8f62b223dff434d9f7546cc5e3e644bc3ff26227ab5a4ece3abdf70198c0989335de5eb4001d85ad68b4443
-
SSDEEP
196608:hFvYU5LY8oUGtudASRMD9U6VGOeLlygttuqhAji+4KL6GoyXPRQ47nuss:htXzrGtMVRMD9U+0lygtttb+43GRfNqx
Behavioral task
behavioral1
Sample
Electron V3/ElectronV3.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
Electron V3/ElectronV3.exe
-
Size
9.3MB
-
MD5
da1122c7ff4cd2530e361315cfbc767e
-
SHA1
2bdd5e7d350a55c6ba90bf55a256e756e524ff2e
-
SHA256
f817d959e4f054e2a5ae16b2bd3d2090f68a9d472334d938ccac3ee576f685d6
-
SHA512
3f326dcef9b046b343c787a3020cdc087a1215eb9665f324ce4faee8b05b8403ca0ba0bb0ce23500e3406b60418ed4f2e11fa862733d40fc91d4b5d10792e8c4
-
SSDEEP
196608:4gxCmHiJediqShxWTMRHvUWvo3hxjno/w3iFCxHQbRpXN4nhPyM:pshATMRHdgxro/w3uCxHQb94hv
Score
10/10
-
Exela Stealer
Exela Stealer is an open source stealer originally written in .NET and later transitioned to Python that was first observed in August 2023.
-
Grants admin privileges
Uses net.exe to modify the user's privileges.
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-