General

  • Target

    2025-04-26_63f48411ef6c9e50b3dab4df1f2d94c2_amadey_black-basta_elex_smoke-loader

  • Size

    11.8MB

  • Sample

    250426-y5bzcs1ps9

  • MD5

    63f48411ef6c9e50b3dab4df1f2d94c2

  • SHA1

    aa9c3a1a72324769c28e297874de1617f8294340

  • SHA256

    fed78ab145ff4b5c9163b46d5c82c11eb2f68e055294888ab793720d736a84a0

  • SHA512

    18036a29f5b0d451cc9fcfca4c6e7dc62adb3a8edadc33cce51d718e330e19ebb6b3ef245414c543d63928e54bc5f7b17d936e5147311865b930da98024616eb

  • SSDEEP

    98304:dLu13/Jk2Ph05e+g3FgbhfzuCPtj1HSU2:dikgcNlhrVp1HST

Malware Config

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks