General

  • Target

    2025-04-26_f5aa51ba098bbcf6cc6ffeb313e09af9_amadey_elex_smoke-loader

  • Size

    6.7MB

  • Sample

    250426-yscp5aytgz

  • MD5

    f5aa51ba098bbcf6cc6ffeb313e09af9

  • SHA1

    0227159008d2db5224a1b9b3232bc436fc9517f2

  • SHA256

    9e5e4b2952428a3347a0b3ae9b5ee1b3f93b5b63bed956efcf5508fdf7858464

  • SHA512

    7049fcc30c0ca8357760b2f0666e4374d0f8fa42df1cad574a3ca46f8a4b1af3c1a6cf45ea0ed560a67c7ca3de595751ce8c8efc697141a66019692a755dad2b

  • SSDEEP

    49152:CjLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U633K:eLu13/Jk2Ph05e+g3K

Malware Config

Targets

    • Target

      2025-04-26_f5aa51ba098bbcf6cc6ffeb313e09af9_amadey_elex_smoke-loader

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks