General
-
Target
2025-04-26_04b1edc9a7f10358fe7c0a82b7a19f80_amadey_elex_smoke-loader
-
Size
6.1MB
-
Sample
250426-x622haxzdv
-
MD5
04b1edc9a7f10358fe7c0a82b7a19f80
-
SHA1
b3eadff4b49f9058ca65b943b95ea0729dfb725d
-
SHA256
43a918bab0cdfa4907e9cb12a06a29a0636828f8ea36e74da5fe886268d7215f
-
SHA512
32630e9d04e983bcfb6e81e7704abc0a825a3a492451c53229dd300fc1aba1e307f4b4a8c7f0de5e1ccd05885e264e494589bab29fdf9ab81f4723ca99953c77
-
SSDEEP
24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKg:ZjLuSh3i+FtvkMzT+3HfOG9
Behavioral task
behavioral1
Sample
2025-04-26_04b1edc9a7f10358fe7c0a82b7a19f80_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-26_04b1edc9a7f10358fe7c0a82b7a19f80_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-26_04b1edc9a7f10358fe7c0a82b7a19f80_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-