General
-
Target
2025-04-26_f5aa51ba098bbcf6cc6ffeb313e09af9_amadey_elex_smoke-loader
-
Size
6.7MB
-
Sample
250426-yscp5aytgz
-
MD5
f5aa51ba098bbcf6cc6ffeb313e09af9
-
SHA1
0227159008d2db5224a1b9b3232bc436fc9517f2
-
SHA256
9e5e4b2952428a3347a0b3ae9b5ee1b3f93b5b63bed956efcf5508fdf7858464
-
SHA512
7049fcc30c0ca8357760b2f0666e4374d0f8fa42df1cad574a3ca46f8a4b1af3c1a6cf45ea0ed560a67c7ca3de595751ce8c8efc697141a66019692a755dad2b
-
SSDEEP
49152:CjLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U633K:eLu13/Jk2Ph05e+g3K
Behavioral task
behavioral1
Sample
2025-04-26_f5aa51ba098bbcf6cc6ffeb313e09af9_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-26_f5aa51ba098bbcf6cc6ffeb313e09af9_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-26_f5aa51ba098bbcf6cc6ffeb313e09af9_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-