General
-
Target
2025-04-26_1e87d6edfccd2cc56ada2e54a9039f5f_amadey_elex_smoke-loader
-
Size
11.8MB
-
Sample
250426-ys52nsyvax
-
MD5
1e87d6edfccd2cc56ada2e54a9039f5f
-
SHA1
76c833d5b254afb735ed028043b439d6c0c145fc
-
SHA256
9b13c6b71bcf1ab7d6a96fb79183f3f4fcb9a081c9e7919349160f564d00e73f
-
SHA512
22c9ec110ae46881a10cc117e80a7948c97921082da6d273865ec6b32a5f2efecbc41d823c6298474783e108619d39dd5801e5747683a035cdd67d3b3d415859
-
SSDEEP
24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKp:djLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe
Behavioral task
behavioral1
Sample
2025-04-26_1e87d6edfccd2cc56ada2e54a9039f5f_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-26_1e87d6edfccd2cc56ada2e54a9039f5f_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-26_1e87d6edfccd2cc56ada2e54a9039f5f_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-