General
-
Target
2025-04-26_fabb59199431352e8afd1ce17444cfd8_amadey_elex_smoke-loader
-
Size
5.7MB
-
Sample
250426-x2lhyszrt3
-
MD5
fabb59199431352e8afd1ce17444cfd8
-
SHA1
5734ea91a02b4e2254cbfa94611ba2fc745855e7
-
SHA256
f2e9716eabf91824cb58d33348b622d5da28590e7ca491128f2c3d3c25ea6735
-
SHA512
b527a97c129dfb75034baca972aa5765496e2d92c55016fd66c572ee57b7af0a697087691bc7a98a487b881bb7f9325a4f3800354253b60714df890f9c7ce1b5
-
SSDEEP
24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJdL:CjLuSh3i+FtvkMzT+3HfOGlkD
Behavioral task
behavioral1
Sample
2025-04-26_fabb59199431352e8afd1ce17444cfd8_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-26_fabb59199431352e8afd1ce17444cfd8_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
Target
2025-04-26_fabb59199431352e8afd1ce17444cfd8_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-