General

  • Target

    2025-07-04_93f3cf1352381fb3bf66286d665ed064_elex_mespinoza

  • Size

    1.4MB

  • Sample

    250704-nqxx6ssms4

  • MD5

    93f3cf1352381fb3bf66286d665ed064

  • SHA1

    1c0b023cba2962c0881c638651654bc02a022494

  • SHA256

    c084533cb3af23ded4fcaf6d38ce311eef8f9a54d1bd2b310aa6fd7c838a6287

  • SHA512

    36b7b5bdc8683611820cce49da857369646377770832e2a67e4113d82ffbaddd51a916f5ca537f2bcde8fe79eaeb86548fc8c4e533bbb9ea24a7a0450e2d0174

  • SSDEEP

    24576:WwsbvjfQ+S7sqjnhMgeiCl7G0nehbGZpbD:+0+aDmg27RnWGj

Malware Config

Targets

    • Target

      2025-07-04_93f3cf1352381fb3bf66286d665ed064_elex_mespinoza

    • Size

      1.4MB

    • MD5

      93f3cf1352381fb3bf66286d665ed064

    • SHA1

      1c0b023cba2962c0881c638651654bc02a022494

    • SHA256

      c084533cb3af23ded4fcaf6d38ce311eef8f9a54d1bd2b310aa6fd7c838a6287

    • SHA512

      36b7b5bdc8683611820cce49da857369646377770832e2a67e4113d82ffbaddd51a916f5ca537f2bcde8fe79eaeb86548fc8c4e533bbb9ea24a7a0450e2d0174

    • SSDEEP

      24576:WwsbvjfQ+S7sqjnhMgeiCl7G0nehbGZpbD:+0+aDmg27RnWGj

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks