General

  • Target

    2025-04-25_dfb6f562ed141e5c74fb61eea7402c60_amadey_elex_smoke-loader

  • Size

    8.3MB

  • Sample

    250425-g4zwcszzet

  • MD5

    dfb6f562ed141e5c74fb61eea7402c60

  • SHA1

    31ac3b8a774fcb8f4dd60b976eea8606811cccea

  • SHA256

    b4909527f428960707192b28ff1f779717c1d874bfee8efae8b696947660fc18

  • SHA512

    c5b04726fe66c0e46ee2074b69cf23c0abc25d79da78e38dd36083a8bab474a88e596f2c75f2e1fd43f768658cbbebd33bf5a22e2158e4d028b921c9203fd72f

  • SSDEEP

    98304:OLu13/Jk2Ph05e+g3A0BYql7x+oZHcV4i/kgE7/FG4l7zP3u+0xZHcV4i/kgE7Ah:OikgcND0vGfLg3

Malware Config

Targets

    • Target

      2025-04-25_dfb6f562ed141e5c74fb61eea7402c60_amadey_elex_smoke-loader

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks