General

  • Target

    2025-04-26_fc450ef2bf19cb64d8c05ac983f39221_amadey_elex_smoke-loader

  • Size

    6.0MB

  • Sample

    250426-x6wjqaxzcx

  • MD5

    fc450ef2bf19cb64d8c05ac983f39221

  • SHA1

    d4300b5aa868b210ad24eabdbb63aa534b42243f

  • SHA256

    c91bb433be75fa14cc18db804807b430592b514ad66b41ab837861e8beda7a3d

  • SHA512

    16326b986dbc72b72a741832c5a1ebe429f920ab33a73eeaa761ef289a34a795369684b949bdc25535bbf4fa2fde56a7e971e03aba5f799fa3902ae358b21bc1

  • SSDEEP

    49152:JjLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U6338WOqWOJhNtD93oHwcwEgZ3FFQ/:hLu13/Jk2Ph05e+g3FM

Malware Config

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks