General
-
Target
ElectronV3.exe
-
Size
37.8MB
-
Sample
241110-w8jr9s1rhw
-
MD5
1cbe8585b431cf47c67d346873d73b86
-
SHA1
411627116f8ad58fac2bcd805871d3eedaeea29b
-
SHA256
0df18ecef55a3c251ee62a5c6253b82d7d970b5312a9f399a1731405b73a2793
-
SHA512
733d1256d97298c87f17b814b6edcc29ff12832258e184126a8416cc6d3b241dca5caf15022e7b84e5b4465c2b587adbfd0128b3e4714127daa51ec6676bef7f
-
SSDEEP
786432:JG0CL9iGLQyZFu8HkDC/UbUjfge+1y3GIwAZ5eiGg1iEc2dQ/7K4rv3FqbE:JG0CwG3q87/EU41qVjGg1i/uQ/GUqbE
Malware Config
Targets
-
-
Target
ElectronV3.exe
-
Size
37.8MB
-
MD5
1cbe8585b431cf47c67d346873d73b86
-
SHA1
411627116f8ad58fac2bcd805871d3eedaeea29b
-
SHA256
0df18ecef55a3c251ee62a5c6253b82d7d970b5312a9f399a1731405b73a2793
-
SHA512
733d1256d97298c87f17b814b6edcc29ff12832258e184126a8416cc6d3b241dca5caf15022e7b84e5b4465c2b587adbfd0128b3e4714127daa51ec6676bef7f
-
SSDEEP
786432:JG0CL9iGLQyZFu8HkDC/UbUjfge+1y3GIwAZ5eiGg1iEc2dQ/7K4rv3FqbE:JG0CwG3q87/EU41qVjGg1i/uQ/GUqbE
Score10/10-
Exela Stealer
Exela Stealer is an open source stealer originally written in .NET and later transitioned to Python that was first observed in August 2023.
-
Exelastealer family
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Network Service Discovery
Attempt to gather information on host's network.
-
Enumerates processes with tasklist
-
Hide Artifacts: Hidden Files and Directories
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-