General
-
Target
2025-04-26_816415d4c2f1a31497c4e20870809029_amadey_elex_smoke-loader
-
Size
5.8MB
-
Sample
250426-w9hatsw1hv
-
MD5
816415d4c2f1a31497c4e20870809029
-
SHA1
0d0fb11698feda62476ba9423f8dbd542c3846a0
-
SHA256
fb9b760d0e23f96bc0cdf38be8fbae5a1f709c9f5d40b49347b4bc54b8dc65c2
-
SHA512
b8a000765ccff3898ae66dd4f4621b79ade26db19142ff5edd4d510394e4ddbaad44b27d243064cb83dab0107e55776337bbd460d7de499135cc60d170d25e45
-
SSDEEP
24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+s:xjLuSh3i+FtvkMzT+3HfOGlke
Behavioral task
behavioral1
Sample
2025-04-26_816415d4c2f1a31497c4e20870809029_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-26_816415d4c2f1a31497c4e20870809029_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-