General

  • Target

    2025-04-26_fabb59199431352e8afd1ce17444cfd8_amadey_elex_smoke-loader

  • Size

    5.7MB

  • Sample

    250426-x2lhyszrt3

  • MD5

    fabb59199431352e8afd1ce17444cfd8

  • SHA1

    5734ea91a02b4e2254cbfa94611ba2fc745855e7

  • SHA256

    f2e9716eabf91824cb58d33348b622d5da28590e7ca491128f2c3d3c25ea6735

  • SHA512

    b527a97c129dfb75034baca972aa5765496e2d92c55016fd66c572ee57b7af0a697087691bc7a98a487b881bb7f9325a4f3800354253b60714df890f9c7ce1b5

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJdL:CjLuSh3i+FtvkMzT+3HfOGlkD

Malware Config

Targets

    • Target

      2025-04-26_fabb59199431352e8afd1ce17444cfd8_amadey_elex_smoke-loader

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely to geofence execution.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and browsing history.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread to other hosts via removable or attached volumes.
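
    The two signatures that are easiest to confirm by hand are the registry location check and the dropped autorun.inf. The script below is an added example for this report, not code from the sandbox, the sample or the Panda Stealer family: it parses an autorun.inf and lists every directive that would launch code, scans volume roots for such files (handling the UTF-16 encoding some droppers use), and reads the GeoID Windows stores under HKCU\Control Panel\International\Geo\Nation so the result can be compared against a block list. The autorun.inf content, the RECYCLER\setup.exe lure and the GeoID block list are constructed placeholders, not values recovered from this sample.

```python
"""Autorun.inf triage and registry geofence check (added example, not the
report's or the malware's own code). Runs offline on a constructed autorun.inf;
the lure path and any GeoID block list passed in are placeholders, not this
sample's real configuration."""
import codecs
import configparser
import os
import sys
import tempfile
from typing import Dict, Iterable, List, Optional

# autorun.inf directives that make Windows launch something directly.
# Treating these as suspicious is this example's own judgement.
EXEC_DIRECTIVES = {"open", "shellexecute"}


def parse_autorun_inf(text: str) -> Dict[str, str]:
    """Return the [autorun] section as a lowercase key -> value map.

    Section and key names are case-insensitive on Windows, so both are folded
    to lowercase; '%' is not interpolated so values like %SystemRoot% survive.
    """
    parser = configparser.ConfigParser(
        interpolation=None, strict=False, allow_no_value=True, delimiters=("=",)
    )
    parser.optionxform = str.lower
    try:
        parser.read_string(text)
    except configparser.Error:
        return {}  # not INI-shaped at all: nothing for Autorun to act on
    for section in parser.sections():
        if section.strip().lower() == "autorun":
            return {k: (v or "") for k, v in parser.items(section)}
    return {}


def autorun_findings(text: str) -> List[str]:
    """List every directive that would cause code execution, as 'key -> value'."""
    findings = []
    for key, value in parse_autorun_inf(text).items():
        # open=/shellexecute= run a file outright; shell\<verb>\command= rebinds
        # the Explorer context-menu verbs so "Open"/"Explore" runs the payload.
        if key in EXEC_DIRECTIVES or (key.startswith("shell\\") and key.endswith("\\command")):
            findings.append(f"{key} -> {value}")
    return findings


def scan_volume_roots(roots: Iterable[str]) -> Dict[str, List[str]]:
    """Check the root of each given volume for an autorun.inf and triage it."""
    results: Dict[str, List[str]] = {}
    for root in roots:
        if not os.path.isdir(root):
            continue
        for name in os.listdir(root):
            if name.lower() != "autorun.inf":
                continue
            path = os.path.join(root, name)
            with open(path, "rb") as fh:
                raw = fh.read()
            # Some droppers write the file as UTF-16 with a BOM; the rest is ASCII/UTF-8.
            if raw.startswith((codecs.BOM_UTF16_LE, codecs.BOM_UTF16_BE)):
                text = raw.decode("utf-16")
            else:
                text = raw.decode("utf-8", errors="replace")
            results[path] = autorun_findings(text)
    return results


# Windows keeps the user's configured location as a GeoID string in this key;
# a loader that "checks computer location settings" reads it and compares it
# against a block list before running.
GEO_KEY = r"Control Panel\International\Geo"


def read_geo_nation() -> Optional[int]:
    """Read HKCU\\Control Panel\\International\\Geo\\Nation; None when not on Windows."""
    if sys.platform != "win32":
        return None
    import winreg  # only importable on Windows
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, GEO_KEY) as key:
        value, _ = winreg.QueryValueEx(key, "Nation")
    return int(value)


def geofence_blocks(geo_id: Optional[int], blocked: Iterable[int]) -> bool:
    """Mirror the loader's decision: True means 'this host is in a blocked region'."""
    return geo_id is not None and geo_id in set(blocked)


# Constructed sample (not recovered from this file): a worm-style autorun.inf
# that hides the payload behind the normal "Open folder" action.
SAMPLE_AUTORUN_INF = """[AutoRun]
open=RECYCLER\\setup.exe
icon=%SystemRoot%\\system32\\SHELL32.dll,4
action=Open folder to view files
shell\\open\\command=RECYCLER\\setup.exe
shell\\explore\\command=RECYCLER\\setup.exe
label=USB Drive
"""


def demo_scan() -> Dict[str, List[str]]:
    """Write the constructed autorun.inf as UTF-16 into a temp 'volume' and scan it."""
    with tempfile.TemporaryDirectory() as volume:
        with open(os.path.join(volume, "AUTORUN.INF"), "wb") as fh:
            fh.write(codecs.BOM_UTF16_LE + SAMPLE_AUTORUN_INF.encode("utf-16-le"))
        return {os.path.basename(p): f for p, f in scan_volume_roots([volume]).items()}


if __name__ == "__main__":
    for path, findings in demo_scan().items():
        print(path, *findings, sep="\n  ")
    print("GeoID from registry:", read_geo_nation())
```

    On a live Windows host, pass the drive roots (for example `scan_volume_roots(["D:\\", "E:\\"])`) and compare `read_geo_nation()` against whatever block list the loader is suspected to use; off Windows the registry read returns None and only the autorun.inf triage runs.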

MITRE ATT&CK Enterprise v16

Tasks