General
-
Target
2025-04-26_592226cfc64dd61d8108a8072f40ad16_amadey_black-basta_elex_hijackloader_smoke-loader
-
Size
11.8MB
-
Sample
250426-y2gensywe1
-
MD5
592226cfc64dd61d8108a8072f40ad16
-
SHA1
86cba74d98cee7efd7ef9bcdcf6eebb39f81c8ba
-
SHA256
086c7d36ea4930469cbe8bd7a3feb0bb5e9abad9f3d6303818bb2757c8628530
-
SHA512
18fe81271e478d7d143d64b49d1b51011d46993438439267e1de918d77a5bde07390bf0923463bfdebe73d4b6b21d72ba2fa9254013d717d316df7cc684a1be0
-
SSDEEP
196608:yikgcNrhrVp1HSTDsoTn90lcGeFaxJI3qLaLhFT7Uc:yikg4r/OpZXJFee3qGhFMc
Behavioral task
behavioral1
Sample
2025-04-26_592226cfc64dd61d8108a8072f40ad16_amadey_black-basta_elex_hijackloader_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-26_592226cfc64dd61d8108a8072f40ad16_amadey_black-basta_elex_hijackloader_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-26_592226cfc64dd61d8108a8072f40ad16_amadey_black-basta_elex_hijackloader_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-