General

  • Target

    2025-04-26_b3084b71c25cc170bd04071a5d2684e0_amadey_black-basta_elex_smoke-loader

  • Size

    11.8MB

  • Sample

    250426-zmj3pa1rv9

  • MD5

    b3084b71c25cc170bd04071a5d2684e0

  • SHA1

    826d13c756e705a4bfab6ffc4da19667265fa1e9

  • SHA256

    0f2313b59a0d6924ce2a05945063199c24320ddc11142022e4a761fb1a4c79f8

  • SHA512

    beabbb3c8104c8f76b67d81b3489d5b4a26327e6de58a1f1a66a9f5fafa3c36d0e7f86ed79a84bc077b9948224f119ae25301def7a91949fb72f79f99a14c8ca

  • SSDEEP

    49152:djLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U6338WOqWOJhNtD93oHwcwEgZ3FFQV:dLu13/Jk2Ph05e+g3Fgbhfzu

Malware Config

Targets

    • Target

      2025-04-26_b3084b71c25cc170bd04071a5d2684e0_amadey_black-basta_elex_smoke-loader

    • Size

      11.8MB

    • MD5

      b3084b71c25cc170bd04071a5d2684e0

    • SHA1

      826d13c756e705a4bfab6ffc4da19667265fa1e9

    • SHA256

      0f2313b59a0d6924ce2a05945063199c24320ddc11142022e4a761fb1a4c79f8

    • SHA512

      beabbb3c8104c8f76b67d81b3489d5b4a26327e6de58a1f1a66a9f5fafa3c36d0e7f86ed79a84bc077b9948224f119ae25301def7a91949fb72f79f99a14c8ca

    • SSDEEP

      49152:djLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U6338WOqWOJhNtD93oHwcwEgZ3FFQV:dLu13/Jk2Ph05e+g3Fgbhfzu

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution (i.e. exit on certain locales).

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Drops autorun.inf file

      Malware can abuse Windows AutoRun to spread further via attached volumes. Since Microsoft's 2011 AutoRun update, Windows ignores autorun.inf on USB and other non-optical removable media by default, so this is an opportunistic propagation path rather than a reliable one.
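The autorun.inf behaviour flagged above is easy to confirm by hand once the dropped file is pulled from the sandbox. The following is an added example for this report (not code from the sample, the sandbox or the report itself): a tolerant parser that reads an autorun.inf, lists the launch directives it carries, and matches the launched program against the names of files the sample dropped. The file contents, the dropped-file name `update.exe` and the folder-mimic heuristic are constructed assumptions, not observations from this sample.

```python
"""Parse a dropped autorun.inf and list what it would launch.

Added example for this report, not the sample's code or the sandbox's.
It assumes the conventional [autorun] INI layout; the file content and
the dropped-file name below are constructed, not taken from this sample.
"""
import re
from typing import Dict, List

# Constructed autorun.inf in the style worms write to removable drives:
# junk before the section, the same launcher on every verb, and a
# folder-looking icon/action so the drive looks like a plain folder.
SAMPLE_AUTORUN = """\
xq9#$%junk line the parser must ignore
[AutoRun]
; comment line
open=RECYCLER\\update.exe -s
ShellExecute="RECYCLER\\update.exe" /q
shell\\open\\command=RECYCLER\\update.exe
shell\\explore\\command=RECYCLER\\update.exe
icon=%SystemRoot%\\system32\\shell32.dll,4
action=Open folder to view files
useautoplay=1
"""

# Constructed benign file: an installer CD that only sets icon and label.
BENIGN_AUTORUN = """\
[autorun]
icon=setup.ico
label=Vendor Installer
"""

LAUNCH_KEYS = ("open", "shellexecute")
_SECTION = re.compile(r"^\s*\[(?P<name>[^\]]+)\]\s*$")
_KV = re.compile(r"^\s*(?P<key>[^=;]+?)\s*=\s*(?P<val>.*?)\s*$")


def parse_autorun(text: str) -> Dict[str, Dict[str, str]]:
    """Tolerant INI parse: keys lower-cased, junk/comment lines skipped,
    first occurrence of a duplicated key wins (as Explorer reads it)."""
    sections: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        m = _SECTION.match(line)
        if m:
            current = m.group("name").strip().lower()
            sections.setdefault(current, {})
            continue
        m = _KV.match(line)
        if m and current is not None:
            key = m.group("key").lower().replace("/", "\\")
            sections[current].setdefault(key, m.group("val"))
    return sections


def launch_targets(sections: Dict[str, Dict[str, str]]) -> List[str]:
    """Command lines the file asks Explorer to run: open=, shellexecute=
    and any shell\\<verb>\\command= (the double-click/context verbs)."""
    auto = sections.get("autorun", {})
    return [
        val for key, val in auto.items()
        if key in LAUNCH_KEYS
        or (key.startswith("shell\\") and key.endswith("\\command"))
    ]


def executable_of(cmd: str) -> str:
    """First token of a command line, honouring a quoted program path."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    parts = cmd.split()
    return parts[0] if parts else ""


def suspicious_reasons(text: str, dropped_names) -> List[str]:
    """Why this autorun.inf looks malicious; empty list means nothing found."""
    sections = parse_autorun(text)
    auto = sections.get("autorun", {})
    dropped = {n.lower() for n in dropped_names}
    reasons: List[str] = []
    for cmd in launch_targets(sections):
        exe = executable_of(cmd)
        base = exe.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        reasons.append(f"launch directive runs {exe!r}")
        if base in dropped:
            reasons.append(f"{base} is a file the sample dropped")
    # Heuristic (assumption): folder-style action text plus a shell32 icon
    # is the classic way to make a drive look like a harmless folder.
    if ("folder" in auto.get("action", "").lower()
            and "shell32.dll" in auto.get("icon", "").lower()):
        reasons.append("drive is dressed up as a folder via action= and icon=")
    return list(dict.fromkeys(reasons))


if __name__ == "__main__":
    for reason in suspicious_reasons(SAMPLE_AUTORUN, ["update.exe"]):
        print(reason)
```

Feed it the real autorun.inf recovered from the sandbox's dropped files together with the dropped-file list, and treat any non-empty result as confirmation of the "Drops autorun.inf file" signature; a file with only `icon=`/`label=` entries, like the benign sample, yields no reasons.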

MITRE ATT&CK Enterprise v16

Tasks