General
-
Target
2025-04-25_70ff85cc4a82aae65fa22de2c2133b83_amadey_elex_smoke-loader
-
Size
5.2MB
-
Sample
250425-hqll9a1tat
-
MD5
70ff85cc4a82aae65fa22de2c2133b83
-
SHA1
aa5e234ff2c77a4063121cb19c95bc4e7298fd16
-
SHA256
fe606003a8bda012074d80f7360cb7e4e5ee22e7dc196948d957020d7a786c05
-
SHA512
c9293fc95a7d7a6119394917d7ef3d75e171b50755ab477a3cfd37e14e18b0134e7fceb93d922451090a12d3602e6cfc54a5c5d82b42709b0eb26f0a140c795b
-
SSDEEP
24576:lKKKKN7ChBWMQ+uSJJd3Dkd9+ZDd3vNSM0y9T+m5k2SzfS4fITSoPzzyr7k4x9N+:KjLuSh3i+FtvkMzT+3HfOGlk2Ph0fh
Behavioral task
behavioral1
Sample
2025-04-25_70ff85cc4a82aae65fa22de2c2133b83_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral2
Sample
2025-04-25_70ff85cc4a82aae65fa22de2c2133b83_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-25_70ff85cc4a82aae65fa22de2c2133b83_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-