exelastealer | 85ad2e8ea6fa3e4a9e156514eb4ca74b2b846420c4d4d5d8e1f840fa722ac401

General

Target

fortnite_GenV2.exe
Size

12.7MB
Sample

240609-q9yd6abc6y
MD5

3537262e3aaca5e9b7e8bbfa401568a9
SHA1

5925fce917694c7aa99b68c8c989bd4b0086d985
SHA256

85ad2e8ea6fa3e4a9e156514eb4ca74b2b846420c4d4d5d8e1f840fa722ac401
SHA512

fbc974b6160a58591b9b8a959bbab73ca00c4441820c64e35271df1dd5e9f2fb69d10617b7c8f1aa648bd3c518c6d4f182a6240740ebf10f1747c76530883afb
SSDEEP

393216:pGQdqUL01+l+uq+Vv2dQJlewF3MnG3xl5x+EnmwumOB:pGq501+l+uqgv2dQT3MGxgbL

Score

10^/10

Malware Config

Targets

- Target
  
  fortnite_GenV2.exe
- Size
  
  12.7MB
- MD5
  
  3537262e3aaca5e9b7e8bbfa401568a9
- SHA1
  
  5925fce917694c7aa99b68c8c989bd4b0086d985
- SHA256
  
  85ad2e8ea6fa3e4a9e156514eb4ca74b2b846420c4d4d5d8e1f840fa722ac401
- SHA512
  
  fbc974b6160a58591b9b8a959bbab73ca00c4441820c64e35271df1dd5e9f2fb69d10617b7c8f1aa648bd3c518c6d4f182a6240740ebf10f1747c76530883afb
- SSDEEP
  
  393216:pGQdqUL01+l+uq+Vv2dQJlewF3MnG3xl5x+EnmwumOB:pGq501+l+uqgv2dQT3MGxgbL
Score

10^/10

exelastealer evasion pyinstaller spyware stealer
- Exela Stealer
  Exela Stealer is an open source stealer originally written in .NET and later transitioned to Python that was first observed in August 2023.
  stealer exelastealer
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  Stub.pyc
- Size
  
  875KB
- MD5
  
  994e5f5af9453a94fb564fb2752086fe
- SHA1
  
  e1c026a9988640d6d93a584a2528dc286a159c8e
- SHA256
  
  11d5f78cd57c4c73bff8a3335859ea716e50eb3ede69171b6c06db2f6dcad974
- SHA512
  
  94b3f4eeb18d12d517e840f0132ff2b5328e93588a4e98f44d336403676a629e5ec99b303e4afb54bd6de1b0d8520fdda2b991655fe3a815fb63c1ab061a03dc
- SSDEEP
  
  24576:aXFhLhlhWWVOR87KmIgsk7CVzvSF+1pJtf:a7z7mJaA1pr
Score

3^/10
behavioral3 behavioral4