General
-
Target
2025-04-26_2c555465cac3e600ad24c212864eaef1_amadey_elex_smoke-loader
-
Size
5.2MB
-
Sample
250426-ys4hvayvaw
-
MD5
2c555465cac3e600ad24c212864eaef1
-
SHA1
c7bc7e8cc64ef2f5a44d91117a95e5f4015e43de
-
SHA256
017e4bcfcb327666100ede89e39e01fe32841440f2d1137df7e1559bb1f6a811
-
SHA512
b8d39ca71c49914b5013438cd85d6eb972009b28ffb9a059a5710072c4d619000a8ca4d0163cfad959f6479e75ce777ed7b45973ba73b55c3880db1155c7f01b
-
SSDEEP
49152:KjLuSh3i+FtvkMzT+3HfOGlk2Ph0fh4loTpcAqOdxna:2Lu13/Jk2Ph054eTpy
Behavioral task
behavioral1
Sample
2025-04-26_2c555465cac3e600ad24c212864eaef1_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-26_2c555465cac3e600ad24c212864eaef1_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
Target
2025-04-26_2c555465cac3e600ad24c212864eaef1_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-