Overview

overview

10

Static

static

3

ElectronV3...V3.exe

windows7-x64

7

ElectronV3...V3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ElectronV3.zip

  • Size

    9.6MB

  • Sample

    241111-18jvgsxjfx

  • MD5

    20e23e39f5bc2960dc22467843ef508f

  • SHA1

    656e80a3f06734299f77b79ef7476f8a0e87b7f9

  • SHA256

    17a1a20884741269ebf3bc8e594192d7a71550ff2db2e95d955f90a57e09a238

  • SHA512

    5718e5bd95cf74a6fdf0c6699f32f0260995bcdb9d31cb0a3a66e32aaea58a2568a232176689365e0c2590c4f8e51ca8e521bd7eff5b23f1fac750f4ffbcada0

  • SSDEEP

    196608:HhZt2jZs54OftzfklzJZUDiq5HNKW5+FUhlb9q1wHWhozdGJd3/AW9uGq8iJ:BO6tKzJSz5HZZlBq1wHUozdGJvuF9J

Score
10/10
exelastealercollectiondefense_evasiondiscoverypyinstallerstealerupx

Malware Config

Targets

    • Target

      ElectronV3/ElectronV3.exe

    • Size

      9.9MB

    • MD5

      fb378cce904aa88ef75e6b3e23d3570c

    • SHA1

      fb0e5807e9f585d6a366b983aecedd33e4db5e1d

    • SHA256

      7ccdd35fed305775ea2ce064c5358aaabc386db052d8d35ada9e49ccc2c779c5

    • SHA512

      3ca77a7a3d6df9f17577344f1d35a67dd5800a9edac6d45d2a88801ebf913dcd6491c788045d82cce18c45a9885de88f36c2483805e445ba065f8157c8f1b31b

    • SSDEEP

      196608:91Rpe1xh0/TLx4hz7DIxygRHvUWvothxjno/w3iFCxHQbRpXI2rWxU0:324TGz7kFRHdqxro/w3uCxHQb9WxH

    Score
    10/10
    upxexelastealercollectiondefense_evasiondiscoverystealer

    • Exela Stealer

      Exela Stealer is an open source stealer originally written in .NET and later transitioned to Python that was first observed in August 2023.

      stealerexelastealer

    • Exelastealer family

      exelastealer

    • Clipboard Data

      Adversaries may collect data stored in the clipboard from users copying information within or between applications.

      collection

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Network Service Discovery

      Attempt to gather information on host's network.

      discovery

    • Enumerates processes with tasklist

      discovery

    • Hide Artifacts: Hidden Files and Directories

      defense_evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks