General
-
Target
2025-04-26_63f48411ef6c9e50b3dab4df1f2d94c2_amadey_black-basta_elex_smoke-loader
-
Size
11.8MB
-
Sample
250426-y3r8ka1n17
-
MD5
63f48411ef6c9e50b3dab4df1f2d94c2
-
SHA1
aa9c3a1a72324769c28e297874de1617f8294340
-
SHA256
fed78ab145ff4b5c9163b46d5c82c11eb2f68e055294888ab793720d736a84a0
-
SHA512
18036a29f5b0d451cc9fcfca4c6e7dc62adb3a8edadc33cce51d718e330e19ebb6b3ef245414c543d63928e54bc5f7b17d936e5147311865b930da98024616eb
-
SSDEEP
98304:dLu13/Jk2Ph05e+g3FgbhfzuCPtj1HSU2:dikgcNlhrVp1HST
Behavioral task
behavioral1
Sample
2025-04-26_63f48411ef6c9e50b3dab4df1f2d94c2_amadey_black-basta_elex_smoke-loader.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral2
Sample
2025-04-26_63f48411ef6c9e50b3dab4df1f2d94c2_amadey_black-basta_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
Target
2025-04-26_63f48411ef6c9e50b3dab4df1f2d94c2_amadey_black-basta_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-