General

  • Target

    2025-04-26_1e87d6edfccd2cc56ada2e54a9039f5f_amadey_elex_smoke-loader

  • Size

    11.8MB

  • Sample

    250426-yrd7ka1mv6

  • MD5

    1e87d6edfccd2cc56ada2e54a9039f5f

  • SHA1

    76c833d5b254afb735ed028043b439d6c0c145fc

  • SHA256

    9b13c6b71bcf1ab7d6a96fb79183f3f4fcb9a081c9e7919349160f564d00e73f

  • SHA512

    22c9ec110ae46881a10cc117e80a7948c97921082da6d273865ec6b32a5f2efecbc41d823c6298474783e108619d39dd5801e5747683a035cdd67d3b3d415859

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKp:djLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe

Malware Config

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks