General
-
Target
2025-04-26_cbe2eca94e6d620f0da712ebb1955129_amadey_elex_smoke-loader
-
Size
6.0MB
-
Sample
250426-zv3vrsy1c1
-
MD5
cbe2eca94e6d620f0da712ebb1955129
-
SHA1
c15d08e1da3c83d4f9ba74aea17dbbf1d317f623
-
SHA256
ea2b2ea78f4c2d2910d817a4b7c3a8d5855bd7b5d26efa8e414626c004b56f8e
-
SHA512
9a15b46e76d87067e8208ebf1ad4d05e89936afdd2e1db8a5bef90e5ba6fe187888574956b8637552617e536d6dc7b7d7d756705592efb5953aaec51ff10d307
-
SSDEEP
24576:lKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKP:ujLuSh3i+FtvkMzT+3HfOG
Behavioral task
behavioral1
Sample
2025-04-26_cbe2eca94e6d620f0da712ebb1955129_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral2
Sample
2025-04-26_cbe2eca94e6d620f0da712ebb1955129_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-26_cbe2eca94e6d620f0da712ebb1955129_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-