General

  • Target

    2025-07-04_02401b90032fe0f4a4eed5ea5bd43e4b_elex_stop

  • Size

    15.8MB

  • Sample

    250704-yk4hwaxybv

  • MD5

    02401b90032fe0f4a4eed5ea5bd43e4b

  • SHA1

    16e8ca36a12fcac4453e0c62d7ce8033a13d873f

  • SHA256

    617f95f45179665a3328c35b47dd270baa8c3907f87d02d8318a37c8119eb042

  • SHA512

    31e32270ef13101c880d23cced4badf0e6efee1eae99b9dee5a9f8ccdd488c8f1c6a86a549288f5c845c7cce8c8cdcce1eb584cf8d8cf1b4e22948d52a95c940

  • SSDEEP

    12288:bYLf9sLRWlweUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU+:y1sL6wI

Malware Config

Targets

    • Adds policy Run key to start application

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks