General
Target: 2025-04-25_dfb6f562ed141e5c74fb61eea7402c60_amadey_elex_smoke-loader
Size: 8.3MB
Sample: 250425-g4zwcszzet
MD5: dfb6f562ed141e5c74fb61eea7402c60
SHA1: 31ac3b8a774fcb8f4dd60b976eea8606811cccea
SHA256: b4909527f428960707192b28ff1f779717c1d874bfee8efae8b696947660fc18
SHA512: c5b04726fe66c0e46ee2074b69cf23c0abc25d79da78e38dd36083a8bab474a88e596f2c75f2e1fd43f768658cbbebd33bf5a22e2158e4d028b921c9203fd72f
SSDEEP: 98304:OLu13/Jk2Ph05e+g3A0BYql7x+oZHcV4i/kgE7/FG4l7zP3u+0xZHcV4i/kgE7Ah:OikgcND0vGfLg3
Behavioral task: behavioral1
Sample: 2025-04-25_dfb6f562ed141e5c74fb61eea7402c60_amadey_elex_smoke-loader.exe
Resource: win10v2004-20250314-en
Behavioral task: behavioral2
Sample: 2025-04-25_dfb6f562ed141e5c74fb61eea7402c60_amadey_elex_smoke-loader.exe
Resource: win11-20250410-en
Malware Config
Targets
Target: 2025-04-25_dfb6f562ed141e5c74fb61eea7402c60_amadey_elex_smoke-loader
Score: 10/10
- Panda Stealer payload
- Pandastealer family
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.