General

  • Target

    2025-04-26_98412a5ccb4e96c43a1ca720b37ba53b_amadey_elex_smoke-loader

  • Size

    6.0MB

  • Sample

    250426-xclseszkv4

  • MD5

    98412a5ccb4e96c43a1ca720b37ba53b

  • SHA1

    ef3b284d79b3ce7b1cea90a649b842cda758c1ea

  • SHA256

    dffe4445fd8d09f30d89c35eee5401ca9b3aef7f1297f08849f0b51dfa4a9385

  • SHA512

    46a6817050a1467c815a00f14bc4aaeb7f2c5af88918b6348607797695249420e2157f75518cdf522f13989ac887ca9bad38ac69a0bf78c67fc338376acd1cef

  • SSDEEP

    49152:JjLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U6338WOqWOJhNtD93oHwcwEgZ3FFQ6:hLu13/Jk2Ph05e+g3F9

Malware Config

Targets

    • Target

      2025-04-26_98412a5ccb4e96c43a1ca720b37ba53b_amadey_elex_smoke-loader

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check so the payload can avoid running in particular countries.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers routinely target stored browser data, which can include saved credentials, cookies and session tokens, and autofill entries.

    • Drops autorun.inf file

      Malware can abuse Windows AutoRun by writing an autorun.inf to the root of attached or removable volumes so that the payload is launched when the volume is mounted elsewhere. Note that Windows 7 and later no longer honor autorun.inf on non-optical removable media, so on patched hosts the dropped file is mainly an indicator of the sample's spreading logic rather than a working propagation path.
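
The signatures above are behavioural: a registry lookup of the configured country, a file written to the per-user Startup folder, reads of browser profile databases, and an autorun.inf dropped on a volume root. The following script, an added example and not tooling from the sandbox or code from the sample, shows how to reproduce those four checks over process-monitor style events (operation plus path), and how to pull the launch target out of a dropped autorun.inf. The registry value names, file paths and the event records are assumed typical locations and constructed telemetry, not data taken from this report.

```python
"""Reproduce the four behavioural signatures from the report over sandbox-style events.

Added example (not the sandbox vendor's or the sample's code). Registry/file paths are
assumed common locations; the SAMPLE_EVENTS below are constructed, not from the report.
"""
import configparser
import fnmatch

# (signature name, event operation, case-insensitive glob on the path)
# Backslashes are literal in fnmatch patterns, so Windows paths work as-is.
RULES = [
    # "Checks computer location settings": country code stored in the registry (assumed keys)
    ("Checks computer location settings", "RegQueryValue",
     "*\\control panel\\international\\geo\\nation"),
    ("Checks computer location settings", "RegQueryValue",
     "*\\control panel\\international\\scountry"),
    # "Drops startup file": anything written under the per-user Startup folder
    ("Drops startup file", "CreateFile",
     "*\\start menu\\programs\\startup\\*"),
    # "Reads user/profile data of web browsers": Chromium and Firefox credential/cookie stores
    ("Reads user/profile data of web browsers", "ReadFile",
     "*\\user data\\*\\login data"),
    ("Reads user/profile data of web browsers", "ReadFile",
     "*\\user data\\*\\cookies"),
    ("Reads user/profile data of web browsers", "ReadFile",
     "*\\mozilla\\firefox\\profiles\\*\\logins.json"),
    # "Drops autorun.inf file": autorun.inf created at the root of any drive letter
    ("Drops autorun.inf file", "CreateFile", "?:\\autorun.inf"),
]


def match_signatures(events):
    """Map each triggered signature name to the list of paths that triggered it.

    `events` is an iterable of {"op": <operation>, "path": <registry or file path>}.
    Matching is case-insensitive on the path; the operation must match exactly.
    """
    hits = {}
    for ev in events:
        path = ev["path"].lower()
        for name, op, pattern in RULES:
            if ev["op"] == op and fnmatch.fnmatchcase(path, pattern):
                hits.setdefault(name, []).append(ev["path"])
    return hits


def autorun_target(inf_text):
    """Return the executable an autorun.inf would launch (open= or shellexecute=), or None.

    autorun.inf is INI-formatted with an [autorun] section, so configparser is enough.
    Interpolation is disabled because paths may contain '%'.
    """
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(inf_text)
    if not cp.has_section("autorun"):
        return None
    for key in ("open", "shellexecute"):
        if cp.has_option("autorun", key):
            return cp.get("autorun", key).strip()
    return None


# Constructed telemetry resembling what a sandbox records for the signatures above.
SAMPLE_EVENTS = [
    {"op": "RegQueryValue",
     "path": r"HKCU\Control Panel\International\Geo\Nation"},
    {"op": "CreateFile",
     "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.exe"},
    {"op": "ReadFile",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "CreateFile", "path": r"D:\autorun.inf"},
    {"op": "ReadFile", "path": r"C:\Windows\System32\kernel32.dll"},  # benign, must not match
]

# Constructed contents of a dropped autorun.inf (hypothetical file name).
SAMPLE_AUTORUN = "[autorun]\nopen=updater.exe\nicon=updater.exe,0\n"


if __name__ == "__main__":
    for name, paths in match_signatures(SAMPLE_EVENTS).items():
        print(f"{name}:")
        for p in paths:
            print(f"    {p}")
    print("autorun.inf launches:", autorun_target(SAMPLE_AUTORUN))
```

Run as-is to see the four signatures fire on the constructed events while the benign DLL read is ignored; to apply it to real data, convert your sandbox or Procmon export into the same `{"op", "path"}` records and extend `RULES` with the browser and registry paths your telemetry actually uses.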

MITRE ATT&CK Enterprise v16

Tasks