General
-
Target
2025-04-26_a00f5046e1869b8557502a0359224968_amadey_elex_smoke-loader
-
Size
5.6MB
-
Sample
250426-xqbvdaxvhs
-
MD5
a00f5046e1869b8557502a0359224968
-
SHA1
d36dd65294caff3193971ae80545a84cc66705f2
-
SHA256
8de1a8be2ce3dfb06833483efacf34431b258fe99b5e42343cafdf52ec9d195f
-
SHA512
59561c1e08cb302d58b9b332a6587054c58a1bfb39fa72ab4c0cdcac4abed78576682531a9c64e654d94cba70b4738485b71b5eea458a7eaeb7487724059ed7d
-
SSDEEP
49152:RjLuSh3i+FtvkMzT+3HfOGlk2Ph0fh4loTpcAqOdxn4:ZLu13/Jk2Ph054eTpw
Behavioral task
behavioral1
Sample
2025-04-26_a00f5046e1869b8557502a0359224968_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral2
Sample
2025-04-26_a00f5046e1869b8557502a0359224968_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-26_a00f5046e1869b8557502a0359224968_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-