Mysterious Elephant APT: TTPs and tools

Mysterious Elephant is a highly active APT group discovered in 2023, targeting government entities and foreign affairs sectors in the Asia-Pacific region. The group has evolved its tactics, using spear phishing, custom-made tools, and open-source tools like BabShell and MemLoader. Their latest campaign, starting in early 2025, shows a shift in TTPs with increased use of new custom tools. Mysterious Elephant exploits WhatsApp communications to steal sensitive data and employs various exfiltration tools. The group primarily targets Pakistan, Bangladesh, and Sri Lanka, using personalized payloads for specific individuals. Their sophisticated approach and continuous adaptation pose a significant threat to national security and global stability.

Author: AlienVault

Related Tags:
- asia-pacific
- vrat
- government targets
- whatsapp exploitation
- custom tools
- NavRAT – S0247
- ChromeStealer Exfiltrator
- Stom Exfiltrator
- Uplo Exfiltrator

Associated Indicators: