Extracted

• • Target

    e9e59ca2c8e786f92e81134f088ea08c53fc4c8c252871613ccc51b473814633

  • Size

    89KB

  • MD5

    b53eee189e09945c07a464d82be57e4e

  • SHA1

    93bf21ecb240ba177734600f6eef642f8a41f229

  • SHA256

    e9e59ca2c8e786f92e81134f088ea08c53fc4c8c252871613ccc51b473814633

  • SHA512

    6a7bc4d1447f5cc906152c591e1f2737c22059d1915febcbe8906eb9fcf2da3e9b33de215ce4498ed01024b57a7e12e9801c4907ca4109e01f94180545782a61

  • SSDEEP

    1536:EOrgQySDTYowOxhyR999vAFH/N1k7SZCHvqxuV/QHzw4iQMTq:uGMt999vUHF5ZCHvguV/QHzw2MTq

  Score

  10^/10

  exelastealerdiscoverypersistenceprivilege_escalationspywarestealer

  • Exela Stealer

    Exela Stealer is an open source stealer originally written in .NET and later transitioned to Python that was first observed in August 2023.

    stealerexelastealer

  • Exelastealer family

    exelastealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2