General

  • Target

    2025-04-26_816415d4c2f1a31497c4e20870809029_amadey_elex_smoke-loader

  • Size

    5.8MB

  • Sample

    250426-w9hatsw1hv

  • MD5

    816415d4c2f1a31497c4e20870809029

  • SHA1

    0d0fb11698feda62476ba9423f8dbd542c3846a0

  • SHA256

    fb9b760d0e23f96bc0cdf38be8fbae5a1f709c9f5d40b49347b4bc54b8dc65c2

  • SHA512

    b8a000765ccff3898ae66dd4f4621b79ade26db19142ff5edd4d510394e4ddbaad44b27d243064cb83dab0107e55776337bbd460d7de499135cc60d170d25e45

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+s:xjLuSh3i+FtvkMzT+3HfOGlke

Malware Config

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other profile data.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks