General

  • Target

    2025-04-26_a8495d682a367ddb6f16a46f8016b780_amadey_black-basta_elex_smoke-loader

  • Size

    11.8MB

  • Sample

    250426-zlyvfs1rt7

  • MD5

    a8495d682a367ddb6f16a46f8016b780

  • SHA1

    3f4decc42d38e8e4451f2d4aa724ccc596495301

  • SHA256

    890e8811febe69faf4c150626250dc6f883763d8523292a6b188fcb5b30ea250

  • SHA512

    829da94e0a8631095744b2b4705ee16618290a57e9aad6abb3df8ee0531822cb1d9a3564dabba9094ebe801da15195379dff9174a8621f11c6b4b56077158995

  • SSDEEP

    98304:dLu13/Jk2Ph05e+g3FgbhfzuCPtj1HSU2jXso8An0yUll8cMgNxnQkYlgD5Sa:dikgcNlhrVp1HSTDsoTn90lcGeFa

Malware Config

Targets

    • Target

      2025-04-26_a8495d682a367ddb6f16a46f8016b780_amadey_black-basta_elex_smoke-loader

    • Size

      11.8MB

    • MD5

      a8495d682a367ddb6f16a46f8016b780

    • SHA1

      3f4decc42d38e8e4451f2d4aa724ccc596495301

    • SHA256

      890e8811febe69faf4c150626250dc6f883763d8523292a6b188fcb5b30ea250

    • SHA512

      829da94e0a8631095744b2b4705ee16618290a57e9aad6abb3df8ee0531822cb1d9a3564dabba9094ebe801da15195379dff9174a8621f11c6b4b56077158995

    • SSDEEP

      98304:dLu13/Jk2Ph05e+g3FgbhfzuCPtj1HSU2jXso8An0yUll8cMgNxnQkYlgD5Sa:dikgcNlhrVp1HSTDsoTn90lcGeFa

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

Looks up the country code configured in the registry, most likely as a geofence check so the sample can refuse to run on hosts in certain countries.

    • Drops startup file

    • Reads user/profile data of web browsers

Infostealers commonly harvest stored browser data such as saved credentials, cookies and autofill entries from the user's browser profile directories.

    • Drops autorun.inf file

Malware can abuse Windows AutoRun to spread to attached or removable volumes, though Windows 7 and later ignore autorun.inf on non-optical removable media by default, so this mainly matters for legacy or misconfigured hosts.
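The four behavioural signatures above (location check, startup drop, browser profile read, autorun.inf drop) can be reproduced as rules over process-monitor style events. The block below is an added example, not code from the sandbox or from the sample's analysis; the event shape (`op`, `path`) and the specific registry and file paths each rule matches are assumptions for illustration, and the sample events are constructed rather than taken from this report.

```python
"""Behaviour-based triage of sandbox events for the signatures in the report.

Added example; not the sandbox's own signature code. The event format and the
registry/file paths matched by each rule are assumptions for illustration.
"""
import re
from collections import defaultdict

# Each rule: (signature name as shown in the report, event operation, path pattern).
# The paths are assumptions about what such a signature would typically match.
RULES = [
    # Geofence: reading the configured country code from the registry.
    ("Checks computer location settings", "RegQueryValue",
     re.compile(r"\\Control Panel\\International\\(Geo\\Nation|LocaleName)$", re.I)),
    # Persistence: dropping a file into the per-user Startup folder.
    ("Drops startup file", "WriteFile",
     re.compile(r"\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\[^\\]+$", re.I)),
    # Credential theft: reading Chromium or Firefox profile databases.
    ("Reads user/profile data of web browsers", "ReadFile",
     re.compile(r"\\(User Data\\[^\\]+\\(Login Data|Cookies|Web Data)|logins\.json|key4\.db)$", re.I)),
    # Spreading: writing autorun.inf to the root of a volume.
    ("Drops autorun.inf file", "WriteFile",
     re.compile(r"^[A-Z]:\\autorun\.inf$", re.I)),
]


def triage(events):
    """Return {signature name: [matching paths]} for every event that fires a rule.

    `events` is an iterable of dicts with keys 'op' and 'path', e.g. rows parsed
    from a Procmon CSV export (assumed shape, not a sandbox-specific format).
    """
    hits = defaultdict(list)
    for ev in events:
        for name, op, pattern in RULES:
            if ev["op"] == op and pattern.search(ev["path"]):
                hits[name].append(ev["path"])
    return dict(hits)


# Constructed sample events for illustration; none are taken from the report.
SAMPLE_EVENTS = [
    {"op": "RegQueryValue", "path": r"HKCU\Control Panel\International\Geo\Nation"},
    {"op": "RegQueryValue", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
    {"op": "ReadFile", "path": r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "ReadFile", "path": r"C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json"},
    {"op": "WriteFile", "path": r"C:\Users\u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svc.exe"},
    {"op": "WriteFile", "path": r"E:\autorun.inf"},
    {"op": "WriteFile", "path": r"C:\Users\u\Desktop\notes.txt"},
]

if __name__ == "__main__":
    for sig, paths in triage(SAMPLE_EVENTS).items():
        print(sig)
        for p in paths:
            print("   ", p)
```

The rules key on the operation as well as the path so that, for example, merely enumerating the Startup folder does not count as a drop; a real deployment would also attach the originating process and its parent to each hit, since the report's first three lines (payload, family) come from static or configuration extraction that this behavioural pass does not reproduce.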

MITRE ATT&CK Enterprise v16

Tasks