General

  • Target

    2025-04-26_04b1edc9a7f10358fe7c0a82b7a19f80_amadey_elex_smoke-loader

  • Size

    6.1MB

  • Sample

    250426-x622haxzdv

  • MD5

    04b1edc9a7f10358fe7c0a82b7a19f80

  • SHA1

    b3eadff4b49f9058ca65b943b95ea0729dfb725d

  • SHA256

    43a918bab0cdfa4907e9cb12a06a29a0636828f8ea36e74da5fe886268d7215f

  • SHA512

    32630e9d04e983bcfb6e81e7704abc0a825a3a492451c53229dd300fc1aba1e307f4b4a8c7f0de5e1ccd05885e264e494589bab29fdf9ab81f4723ca99953c77

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKg:ZjLuSh3i+FtvkMzT+3HfOG9

Malware Config

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks