General

  • Target

    2025-04-26_1683495f41e04ebb942e7f2b2ea7e7cf_amadey_elex_smoke-loader

  • Size

    11.8MB

  • Sample

    250426-yp2vva1l18

  • MD5

    1683495f41e04ebb942e7f2b2ea7e7cf

  • SHA1

    cec8dec5522c6c3f10e50983d6229058dc6d3c9c

  • SHA256

    c5daccf9955552f0816d43c4631a626acaebd8419a0b6636c5acd51bb56aa1af

  • SHA512

    c2d903c2c4b9d8687eed84a6a2b042f41511197d026a32126aea24c79a711ba200259d6128837e83d963d0b3ea3c66bad7b3bacaa5b85a5d3d24cafb08226510

  • SSDEEP

    49152:djLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U633:dLu13/Jk2Ph05e+g3
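The hash values above are the IOCs an analyst would sweep a file share or endpoint for. The following script is an added example, not part of the sandbox report: it hashes every file under a directory once with all four algorithms and reports matches against the values listed above. The `samples` directory name is a placeholder; the SSDEEP fuzzy hash is not computed because that needs the third-party ssdeep library.

```python
"""IOC sweep for the file hashes reported on this page (added example)."""
import hashlib
import os

# Hashes copied from the report for
# 2025-04-26_1683495f41e04ebb942e7f2b2ea7e7cf_amadey_elex_smoke-loader
REPORTED_HASHES = {
    "md5": "1683495f41e04ebb942e7f2b2ea7e7cf",
    "sha1": "cec8dec5522c6c3f10e50983d6229058dc6d3c9c",
    "sha256": "c5daccf9955552f0816d43c4631a626acaebd8419a0b6636c5acd51bb56aa1af",
    "sha512": (
        "c2d903c2c4b9d8687eed84a6a2b042f41511197d026a32126aea24c79a711ba2"
        "00259d6128837e83d963d0b3ea3c66bad7b3bacaa5b85a5d3d24cafb08226510"
    ),
}


def hash_bytes(data):
    """Return {algorithm: hexdigest} for an in-memory blob (used for testing)."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED_HASHES}


def hash_file(path, chunk_size=1 << 20):
    """Hash a file with all reported algorithms in a single pass over the data,
    so large files (this sample is ~11.8MB) are read from disk only once."""
    hashers = {name: hashlib.new(name) for name in REPORTED_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_ioc(digests, iocs=REPORTED_HASHES):
    """Return the list of algorithms whose digest equals a reported IOC value.
    Comparison is case-insensitive because hashes are often copied in mixed case."""
    return [
        name
        for name, value in digests.items()
        if iocs.get(name, "").lower() == value.lower()
    ]


def sweep(root, iocs=REPORTED_HASHES):
    """Walk `root` and return [(path, [matched algorithms])] for every hit.
    Unreadable files (permission errors, vanished temp files) are skipped."""
    hits = []
    for dirpath, _, filenames in os.walk(root):
        for filename in filenames:
            path = os.path.join(dirpath, filename)
            try:
                digests = hash_file(path)
            except OSError:
                continue
            matched = matches_ioc(digests, iocs)
            if matched:
                hits.append((path, matched))
    return hits


if __name__ == "__main__":
    # 'samples' is a placeholder directory name for this example.
    for path, algorithms in sweep("samples"):
        print(f"IOC match ({', '.join(algorithms)}): {path}")
```

A single algorithm match is enough to act on, but checking all four catches cases where a feed only carries one digest type; a partial match (say MD5 only) on a file whose SHA-256 differs would indicate a collision or a transcription error and deserves a second look.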

Malware Config

Targets

    • Target

      2025-04-26_1683495f41e04ebb942e7f2b2ea7e7cf_amadey_elex_smoke-loader

    • Size

      11.8MB

    • MD5

      1683495f41e04ebb942e7f2b2ea7e7cf

    • SHA1

      cec8dec5522c6c3f10e50983d6229058dc6d3c9c

    • SHA256

      c5daccf9955552f0816d43c4631a626acaebd8419a0b6636c5acd51bb56aa1af

    • SHA512

      c2d903c2c4b9d8687eed84a6a2b042f41511197d026a32126aea24c79a711ba200259d6128837e83d963d0b3ea3c66bad7b3bacaa5b85a5d3d24cafb08226510

    • SSDEEP

      49152:djLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U633:dLu13/Jk2Ph05e+g3

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

Looks up the country code configured in the registry, most likely to geofence execution so the sample does not run in certain countries.

    • Drops startup file

    • Reads user/profile data of web browsers

Infostealers routinely target stored browser data, which can include saved credentials, cookies and other sensitive profile contents.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
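Two of the behaviours above, the registry-based location check and the dropped autorun.inf, can be reproduced on the analyst side to understand what the sandbox is flagging. The script below is an added example, not code from the report or from the sample. It assumes the location check reads the `Nation` value under `HKCU\Control Panel\International\Geo` (a Windows GeoID), that the GeoID numbers in `GEOFENCED` are an illustrative set rather than what this sample uses, and it parses a constructed autorun.inf body rather than the file the sample actually drops. On non-Windows hosts the registry read is skipped and a GeoID is supplied directly.

```python
"""Triage helpers for the geofence and autorun.inf behaviours (added example)."""
import configparser
import sys
from pathlib import Path

# Assumption: illustrative GeoIDs from Microsoft's GeoID table, not taken from the sample.
GEOFENCED = {203: "Russia", 241: "Ukraine", 29: "Belarus", 137: "Kazakhstan"}


def read_geo_nation():
    """Read the GeoID the malware is assumed to check; None when not on Windows."""
    if sys.platform != "win32":
        return None
    import winreg  # only available on Windows
    key_path = r"Control Panel\International\Geo"
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, key_path) as key:
        value, _ = winreg.QueryValueEx(key, "Nation")  # REG_SZ, e.g. "244"
    return int(value)


def geofence_verdict(geo_id):
    """True when the host's GeoID is in the excluded set (the sample would likely exit)."""
    return geo_id in GEOFENCED


# autorun.inf directives that launch code when Autorun/AutoPlay honours the file.
EXEC_KEYS = ("open", "shellexecute")
EXEC_EXTENSIONS = (".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".pif", ".lnk", ".dll")


def parse_autorun_inf(text):
    """Return [(directive, target)] for every directive in [autorun] that executes something.
    Keys are case-insensitive on Windows; section names vary ([autorun], [AutoRun])."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, allow_no_value=True)
    cp.optionxform = str.lower
    try:
        cp.read_string(text)
    except configparser.Error:
        return []  # malformed file: nothing Windows would act on
    findings = []
    for section in cp.sections():
        if section.lower() != "autorun":
            continue
        for key, value in cp.items(section):
            if key in EXEC_KEYS or key.startswith("shell\\"):
                findings.append((key, (value or "").strip()))
    return findings


def is_suspicious(findings):
    """Flag when any executing directive points at an executable-type target."""
    return any(target.lower().endswith(EXEC_EXTENSIONS) for _, target in findings)


def scan_volume_roots(roots):
    """Check each volume root (e.g. ['D:\\', 'E:\\']) for an autorun.inf and parse it.
    Files are read as bytes because dropped autorun.inf files are sometimes UTF-16."""
    results = {}
    for root in roots:
        inf = Path(root) / "autorun.inf"
        if not inf.is_file():
            continue
        raw = inf.read_bytes()
        text = raw.decode("utf-16") if raw[:2] in (b"\xff\xfe", b"\xfe\xff") else raw.decode("utf-8", "replace")
        results[str(inf)] = parse_autorun_inf(text)
    return results


# Constructed sample autorun.inf for this example; not the file dropped by the sample.
SAMPLE_AUTORUN_INF = r"""[AutoRun]
; classic worm-style autorun.inf: every folder action launches the dropped binary
open=RECYCLER\setup.exe
icon=%SystemRoot%\system32\SHELL32.dll,4
action=Open folder to view files
shell\open\command=RECYCLER\setup.exe
shell\explore\command=RECYCLER\setup.exe
"""

if __name__ == "__main__":
    geo = read_geo_nation()
    if geo is not None:
        print(f"GeoID {geo}: {'geofenced' if geofence_verdict(geo) else 'not geofenced'}")
    findings = parse_autorun_inf(SAMPLE_AUTORUN_INF)
    print("autorun.inf directives:", findings, "suspicious:", is_suspicious(findings))
```

The `icon=` and `action=` lines are deliberately ignored: they shape what Explorer shows but never execute anything, so a detection that fires on any autorun.inf would be noisy on legitimate installer media, whereas `open=`, `shellexecute=` and `shell\...\command=` entries pointing at an executable are the ones worth alerting on.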

MITRE ATT&CK Enterprise v16

Tasks