General

  • Target

    2025-04-26_53c06d98874e6199481f09a058cb5a5c_amadey_elex_smoke-loader

  • Size

    6.0MB

  • Sample

    250426-y1jteaywdw

  • MD5

    53c06d98874e6199481f09a058cb5a5c

  • SHA1

    e403b73d99091a7344b165e1441f5e0f551b8a5e

  • SHA256

    cb78ca7f6fa4ee6824691f37f6031ec4610504c206e5abd87c43db1e1e58f0d0

  • SHA512

    fd0e176b4b9cc06becc882414bce6ff0b5b7090a8115769912138a5c450bc56d7f1cd55b0c9a350b4ecafdc781c565319590703de14441a3ecf2428b065eb55c

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKi:ujLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe
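Before relying on this report, confirm that the file on disk is the same sample it describes. The script below is an added example and not part of the sandbox report: it copies the MD5, SHA-1, SHA-256 and SHA-512 values listed above into REPORTED, hashes a local file in streamed chunks (the 6.0MB sample should not be read into memory at once) and reports which digests match. The sample path is an assumption; SSDEEP is not checked because it needs a third-party library.

```python
"""Verify a local sample against the hashes in the report above.

Added example, not part of the sandbox report. REPORTED holds the digests
copied from the page; the file path passed on the command line is assumed.
"""
import hashlib
import sys

# Digests as listed in the report's General section.
REPORTED = {
    "md5": "53c06d98874e6199481f09a058cb5a5c",
    "sha1": "e403b73d99091a7344b165e1441f5e0f551b8a5e",
    "sha256": "cb78ca7f6fa4ee6824691f37f6031ec4610504c206e5abd87c43db1e1e58f0d0",
    "sha512": "fd0e176b4b9cc06becc882414bce6ff0b5b7090a8115769912138a5c450bc56d"
              "7f1cd55b0c9a350b4ecafdc781c565319590703de14441a3ecf2428b065eb55c",
}


def hash_bytes(data: bytes) -> dict:
    """Return {algorithm: hex digest} for every algorithm in REPORTED."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in 1 MiB chunks so large samples are never fully loaded."""
    digests = {name: hashlib.new(name) for name in REPORTED}
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                break
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}


def compare(actual: dict, expected: dict) -> dict:
    """Return {algorithm: matched?} for each algorithm present in expected.

    Comparison is case-insensitive because reports and tools differ in casing.
    """
    return {
        name: actual.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }


def verify_file(path: str, expected: dict = REPORTED) -> bool:
    """True only if every reported digest matches the file at path."""
    results = compare(hash_file(path), expected)
    for name, ok in results.items():
        print(f"{name:6s} {'OK' if ok else 'MISMATCH'}")
    return all(results.values())


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-sample>  (path is an assumption)
    sys.exit(0 if verify_file(sys.argv[1]) else 1)
```

A single mismatch means the file is not the object this report describes (a different build, a wrapper, or a corrupted download), and none of the behaviours listed below should be attributed to it.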

Malware Config

Targets

    • Target

      2025-04-26_53c06d98874e6199481f09a058cb5a5c_amadey_elex_smoke-loader

    • Size

      6.0MB

    • MD5

      53c06d98874e6199481f09a058cb5a5c

    • SHA1

      e403b73d99091a7344b165e1441f5e0f551b8a5e

    • SHA256

      cb78ca7f6fa4ee6824691f37f6031ec4610504c206e5abd87c43db1e1e58f0d0

    • SHA512

      fd0e176b4b9cc06becc882414bce6ff0b5b7090a8115769912138a5c450bc56d7f1cd55b0c9a350b4ecafdc781c565319590703de14441a3ecf2428b065eb55c

    • SSDEEP

      24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKi:ujLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check (infostealers commonly refuse to run on hosts in certain countries).

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and autofill data.

    • Drops autorun.inf file

      Malware can abuse Windows AutoRun to spread further via attached volumes. Note that Windows has ignored autorun.inf on non-optical removable media by default since 2011, so this mainly affects older or misconfigured hosts.
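The four behavioural signatures above (location check, browser profile reads, startup drop, autorun.inf drop) are each a pattern over registry and file events. The script below is an added example, not the sandbox's own signature engine, showing how such rules can be run over an event log. The events are constructed for illustration in a simple "operation|target" form, and the registry keys and file paths in the rules are common locations for these behaviours, assumed here rather than taken from this sample's trace.

```python
"""Map sandbox events to the behaviour signatures listed in the report.

Added example; not the sandbox's rule set. Event format, keys and paths
are assumptions chosen to illustrate each signature.
"""
import re

# Constructed events in "operation|target" form (not the sandbox's real log format).
SAMPLE_EVENTS = [
    "RegQueryValue|HKCU\\Control Panel\\International\\Geo\\Nation",
    "RegQueryValue|HKLM\\SYSTEM\\CurrentControlSet\\Control\\Nls\\Language\\InstallLanguage",
    "FileRead|C:\\Users\\victim\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data",
    "FileRead|C:\\Users\\victim\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\x.default-release\\logins.json",
    "FileWrite|C:\\Users\\victim\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\update.lnk",
    "FileWrite|E:\\autorun.inf",
    "FileWrite|C:\\Users\\victim\\AppData\\Local\\Temp\\tmp1234.tmp",  # benign noise, must not match
]

# (signature name, required operation, pattern over the target). Paths/keys are assumptions.
RULES = [
    ("Checks computer location settings", "RegQueryValue",
     re.compile(r"Control Panel\\International|Control\\Nls\\Language", re.I)),
    ("Reads user/profile data of web browsers", "FileRead",
     re.compile(r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db)$", re.I)),
    ("Drops startup file", "FileWrite",
     re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)),
    ("Drops autorun.inf file", "FileWrite",
     re.compile(r"(^|\\)autorun\.inf$", re.I)),
]


def parse_event(line: str) -> tuple:
    """Split 'operation|target' into its two parts; target may contain '|'."""
    op, _, target = line.partition("|")
    return op.strip(), target.strip()


def classify(events) -> dict:
    """Return {signature name: [matching targets]} for every rule that fired."""
    hits = {}
    for line in events:
        op, target = parse_event(line)
        for name, want_op, pattern in RULES:
            if op == want_op and pattern.search(target):
                hits.setdefault(name, []).append(target)
    return hits


def autorun_on_removable(hits: dict) -> list:
    """autorun.inf drops outside the system drive; the propagation case that matters."""
    return [t for t in hits.get("Drops autorun.inf file", [])
            if not t.upper().startswith("C:\\")]


if __name__ == "__main__":
    for name, targets in classify(SAMPLE_EVENTS).items():
        print(name)
        for t in targets:
            print("   ", t)
```

The location rule fires on reads of locale and language keys, which is why the report can only call it a likely geofence: the conclusive evidence is a branch on the returned value (for example, exiting for certain country codes), which a read-only trace does not show.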

MITRE ATT&CK Enterprise v16

Tasks