General
-
Target
2025-04-26_fc450ef2bf19cb64d8c05ac983f39221_amadey_elex_smoke-loader
-
Size
6.0MB
-
Sample
250426-x6wjqaxzcx
-
MD5
fc450ef2bf19cb64d8c05ac983f39221
-
SHA1
d4300b5aa868b210ad24eabdbb63aa534b42243f
-
SHA256
c91bb433be75fa14cc18db804807b430592b514ad66b41ab837861e8beda7a3d
-
SHA512
16326b986dbc72b72a741832c5a1ebe429f920ab33a73eeaa761ef289a34a795369684b949bdc25535bbf4fa2fde56a7e971e03aba5f799fa3902ae358b21bc1
-
SSDEEP
49152:JjLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U6338WOqWOJhNtD93oHwcwEgZ3FFQ/:hLu13/Jk2Ph05e+g3FM
Behavioral task
behavioral1
Sample
2025-04-26_fc450ef2bf19cb64d8c05ac983f39221_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral2
Sample
2025-04-26_fc450ef2bf19cb64d8c05ac983f39221_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
Target
2025-04-26_fc450ef2bf19cb64d8c05ac983f39221_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-