General

  • Target

    2025-04-26_592226cfc64dd61d8108a8072f40ad16_amadey_black-basta_elex_hijackloader_smoke-loader

  • Size

    11.8MB

  • Sample

    250426-y2gensywe1

  • MD5

    592226cfc64dd61d8108a8072f40ad16

  • SHA1

    86cba74d98cee7efd7ef9bcdcf6eebb39f81c8ba

  • SHA256

    086c7d36ea4930469cbe8bd7a3feb0bb5e9abad9f3d6303818bb2757c8628530

  • SHA512

    18fe81271e478d7d143d64b49d1b51011d46993438439267e1de918d77a5bde07390bf0923463bfdebe73d4b6b21d72ba2fa9254013d717d316df7cc684a1be0

  • SSDEEP

    196608:yikgcNrhrVp1HSTDsoTn90lcGeFaxJI3qLaLhFT7Uc:yikg4r/OpZXJFee3qGhFMc
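
Before handling a copy of this sample, confirm it is the file the report describes by recomputing the digests above. The script below is an added example, not the sandbox's own code: it hashes the file once for all algorithms and compares case-insensitively. SSDEEP is left out on purpose, since it is a context-triggered piecewise hash with no standard-library implementation; compare it with the ssdeep tool instead.

```python
"""Verify a file against the digests listed in a sandbox report (added example)."""
import hashlib
import hmac
from typing import Dict, Iterable

# Digests copied from the General section of this report.
REPORT_DIGESTS = {
    "md5": "592226cfc64dd61d8108a8072f40ad16",
    "sha1": "86cba74d98cee7efd7ef9bcdcf6eebb39f81c8ba",
    "sha256": "086c7d36ea4930469cbe8bd7a3feb0bb5e9abad9f3d6303818bb2757c8628530",
    "sha512": "18fe81271e478d7d143d64b49d1b51011d46993438439267e1de918d77a5bde0"
              "7390bf0923463bfdebe73d4b6b21d72ba2fa9254013d717d316df7cc684a1be0",
}


def digest_chunks(chunks: Iterable[bytes], algorithms: Iterable[str]) -> Dict[str, str]:
    """Feed every chunk to every hasher in one pass; returns {algorithm: hexdigest}."""
    # usedforsecurity=False keeps md5/sha1 available on FIPS-restricted builds;
    # we only use them as identifiers here, not for integrity guarantees.
    hashers = {name: hashlib.new(name, usedforsecurity=False) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, algorithms: Iterable[str], chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream the file in 1 MiB blocks so a large sample is read from disk only once."""
    def chunks():
        with open(path, "rb") as f:
            while True:
                block = f.read(chunk_size)
                if not block:
                    return
                yield block
    return digest_chunks(chunks(), algorithms)


def verify(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match result; any False means you do not hold the reported file."""
    return {
        name: hmac.compare_digest(actual.get(name, "").lower(), value.lower())
        for name, value in expected.items()
    }


if __name__ == "__main__":
    import sys
    computed = digest_file(sys.argv[1], REPORT_DIGESTS.keys())
    for algorithm, ok in verify(computed, REPORT_DIGESTS).items():
        print(f"{algorithm:7} {'match' if ok else 'MISMATCH'}")
```

Run it as `python verify_sample.py <path-to-sample>`; a single mismatch is enough to treat the file as something other than the analysed sample.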

Malware Config

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check so the payload avoids running in certain countries.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Drops autorun.inf file

      Malware can abuse Windows AutoRun by writing an autorun.inf to the root of attached or removable volumes, so that the payload launches when the volume is opened on another host.
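
The three file-system behaviours listed above (a startup-folder drop, reads of browser credential stores, and an autorun.inf written to a volume root) are easy to pick out of a sandbox's file-event stream. The script below is an added example, not code from the report or from the sandbox: the event lines and the autorun.inf content are constructed for illustration, the paths are typical Windows locations, and nothing in it is taken from the analysed sample. It also parses the autorun.inf to list what the file would launch.

```python
"""Triage of sandbox file events for the behaviours flagged above (added example)."""
import configparser
from dataclasses import dataclass, field
from pathlib import PureWindowsPath
from typing import List

# Constructed sandbox-style events, one per line: "<pid> <op> <path>".
SAMPLE_EVENTS = r"""
4120 write C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk
4120 read  C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data
4120 read  C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json
4120 write E:\autorun.inf
4120 write E:\svc.exe
4120 read  C:\Windows\System32\kernel32.dll
"""

# Constructed autorun.inf as a dropper might write it to a volume root (hypothetical content).
SAMPLE_AUTORUN = r"""
[autorun]
open=svc.exe
icon=%SystemRoot%\system32\shell32.dll,4
action=Open folder to view files
shell\open\command=svc.exe
"""

STARTUP_DIR = "microsoft/windows/start menu/programs/startup/"
# File names of common Chromium and Firefox credential/cookie stores.
BROWSER_STORES = {"login data", "logins.json", "key4.db", "cookies", "web data", "places.sqlite"}


@dataclass
class Findings:
    startup_drops: List[str] = field(default_factory=list)
    browser_reads: List[str] = field(default_factory=list)
    autorun_drops: List[str] = field(default_factory=list)

    def suspicious(self) -> bool:
        return bool(self.startup_drops or self.browser_reads or self.autorun_drops)


def classify_event(op: str, path: str, findings: Findings) -> None:
    p = PureWindowsPath(path)
    name = p.name.lower()
    normalised = path.lower().replace("\\", "/")
    if op == "write" and STARTUP_DIR in normalised:
        findings.startup_drops.append(path)      # persistence via the per-user Startup folder
    elif op == "read" and name in BROWSER_STORES:
        findings.browser_reads.append(path)      # credential / cookie store access
    elif op == "write" and name == "autorun.inf" and len(p.parts) == 2:
        findings.autorun_drops.append(path)      # parts == (drive root, file): written to a volume root


def triage(events: str) -> Findings:
    """Parse "<pid> <op> <path>" lines and bucket the ones that match the behaviours."""
    findings = Findings()
    for line in events.splitlines():
        if not line.strip():
            continue
        _pid, op, path = line.split(maxsplit=2)   # path may contain spaces
        classify_event(op, path, findings)
    return findings


def autorun_launch_targets(inf_text: str) -> List[str]:
    """Return what an autorun.inf would execute: open=, shellexecute= and shell\\<verb>\\command= keys."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)   # no %-interpolation, tolerate dupes
    cp.read_string(inf_text)
    if not cp.has_section("autorun"):
        return []
    targets = []
    for key, value in cp.items("autorun"):       # configparser lowercases keys by default
        if key in ("open", "shellexecute") or (key.startswith("shell\\") and key.endswith("\\command")):
            targets.append(value.strip())
    return targets


if __name__ == "__main__":
    result = triage(SAMPLE_EVENTS)
    print(result)
    print("autorun launches:", autorun_launch_targets(SAMPLE_AUTORUN))
```

The volume-root test is what separates a real AutoRun drop from an autorun.inf sitting in some subdirectory, and the launch-target parse tells you which dropped binary to pull next from the sandbox.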

MITRE ATT&CK Enterprise v16

Tasks