General

  • Target

    2025-04-25_70ff85cc4a82aae65fa22de2c2133b83_amadey_elex_smoke-loader

  • Size

    5.2MB

  • Sample

    250425-hqll9a1tat

  • MD5

    70ff85cc4a82aae65fa22de2c2133b83

  • SHA1

    aa5e234ff2c77a4063121cb19c95bc4e7298fd16

  • SHA256

    fe606003a8bda012074d80f7360cb7e4e5ee22e7dc196948d957020d7a786c05

  • SHA512

    c9293fc95a7d7a6119394917d7ef3d75e171b50755ab477a3cfd37e14e18b0134e7fceb93d922451090a12d3602e6cfc54a5c5d82b42709b0eb26f0a140c795b

  • SSDEEP

    24576:lKKKKN7ChBWMQ+uSJJd3Dkd9+ZDd3vNSM0y9T+m5k2SzfS4fITSoPzzyr7k4x9N+:KjLuSh3i+FtvkMzT+3HfOGlk2Ph0fh

Malware Config

Targets

    • Target

      2025-04-25_70ff85cc4a82aae65fa22de2c2133b83_amadey_elex_smoke-loader

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks