General

  • Target

    2025-07-01_235a53e0861717cdef8145e515a3d26f_elex_stop

  • Size

    12.7MB

  • Sample

    250701-jpqp9adp3s

  • MD5

    235a53e0861717cdef8145e515a3d26f

  • SHA1

    41085b5d7a0736cfb5f47ccfb864b134c9191e34

  • SHA256

    467804e880821bcb8adeec2d71fa6f62af5c8af8b3f1574b1f6bc4eef401c8aa

  • SHA512

    928a3bfd6b6d8b01076cd4d615de5867e39ba99760716de3b24a6671f3c475928b93372f27e1f246b465ef53b147389f737b0124da440ac13570f63bcd742cfc

  • SSDEEP

    3072:xxAHNZL/I+/9yajam+ozwcDh4+6LRgTJWErPFKYRAI59E888U52525252525252D:bkPLAmDjlvEnLRWlKDIU888b

Malware Config

Targets

    • Target

      2025-07-01_235a53e0861717cdef8145e515a3d26f_elex_stop

    • Adds policy Run key to start application

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory