General

  • Target

    2025-04-27_5e85af2a1f7ce32dd3a027d9cbacf0a3_amadey_elex_smoke-loader

  • Size

    7.8MB

  • Sample

    250427-e5q9hatvdt

  • MD5

    5e85af2a1f7ce32dd3a027d9cbacf0a3

  • SHA1

    a5ffb8d6c493932bd27e9463e371110ace92b6e4

  • SHA256

    51f324d32c68fa4f0b55823f4dba9bf5dfe609df70a9078df8be56619c8c217f

  • SHA512

    ba5c7fda42031c07a9d0191e1e585de4249c2087de4d1fb94d4ae43c82c8345d1e50e5853d785cc5324ba437e52633cda2d06560c600e8bf0281a3d84a1e72cb

  • SSDEEP

    49152:1jLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U633jv:lLu13/Jk2Ph05e+g3

Malware Config

Targets

    • Target

      2025-04-27_5e85af2a1f7ce32dd3a027d9cbacf0a3_amadey_elex_smoke-loader

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check that decides whether to run on this host.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials and other sensitive data such as cookies.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
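The four behaviours above (locale lookup, startup-folder drop, browser profile reads, autorun.inf drop) map directly onto host telemetry. The following is an added example, not part of the sandbox report and not Panda Stealer or CollectorProject code: it classifies simplified, Sysmon-like file and registry events against those signature names. The event fields, the browser profile paths, the `Control Panel\International` registry key, the browser image names and the `svc.exe` actor are all assumptions; the report names no concrete files or keys, and the sample events are constructed inline.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Event:
    """One host event in a simplified Sysmon-like shape (field names assumed)."""
    kind: str      # "file_create", "file_read" or "reg_query"
    process: str   # image path of the process performing the action
    target: str    # file path or registry value path acted on


# Paths below are assumptions about typical browser profile layouts; the report
# itself names no concrete files or registry values.
BROWSER_DATA = re.compile(
    r"\\(User Data|Profiles)\\.*\\"
    r"(Login Data|Cookies|Web Data|logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)
AUTORUN_INF = re.compile(r"^[A-Z]:\\autorun\.inf$", re.IGNORECASE)
LOCALE_KEY = re.compile(r"\\Control Panel\\International\\", re.IGNORECASE)

# Browsers are expected to touch their own profile stores; anything else is not.
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe", "opera.exe"}


def classify(ev: Event) -> Optional[str]:
    """Return the report's signature name that this event matches, or None."""
    image = ev.process.rsplit("\\", 1)[-1].lower()
    if ev.kind == "file_read" and BROWSER_DATA.search(ev.target) and image not in BROWSERS:
        return "Reads user/profile data of web browsers"
    if ev.kind == "file_create" and STARTUP_DIR.search(ev.target):
        return "Drops startup file"
    if ev.kind == "file_create" and AUTORUN_INF.match(ev.target):
        return "Drops autorun.inf file"
    if ev.kind == "reg_query" and LOCALE_KEY.search(ev.target):
        return "Checks computer location settings"
    return None


def triage(events: List[Event]) -> Dict[str, List[str]]:
    """Group matching events by signature name, keeping 'process -> target' evidence."""
    hits: Dict[str, List[str]] = {}
    for ev in events:
        label = classify(ev)
        if label:
            hits.setdefault(label, []).append(f"{ev.process} -> {ev.target}")
    return hits


# Constructed sample telemetry (not from the sandbox run); 'svc.exe' is a
# hypothetical dropped binary.
SAMPLE_EVENTS = [
    Event("file_read", r"C:\Users\bob\AppData\Roaming\svc.exe",
          r"C:\Users\bob\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("file_read", r"C:\Program Files\Google\Chrome\Application\chrome.exe",
          r"C:\Users\bob\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("file_read", r"C:\Users\bob\AppData\Roaming\svc.exe",
          r"C:\Users\bob\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2.default\logins.json"),
    Event("file_create", r"C:\Users\bob\AppData\Roaming\svc.exe",
          r"C:\Users\bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk"),
    Event("file_create", r"C:\Users\bob\AppData\Roaming\svc.exe", r"E:\autorun.inf"),
    Event("reg_query", r"C:\Users\bob\AppData\Roaming\svc.exe",
          r"HKCU\Control Panel\International\LocaleName"),
    Event("file_create", r"C:\Windows\explorer.exe", r"C:\Users\bob\Documents\notes.txt"),
]

if __name__ == "__main__":
    for name, evidence in triage(SAMPLE_EVENTS).items():
        print(name)
        for line in evidence:
            print("   ", line)
```

The browser rule deliberately excludes the browsers' own images, since those read their profile stores constantly; the remaining three rules fire on the write or query alone, because a non-installer process creating `autorun.inf` on a drive root or a Startup-folder entry is rarely benign. In a real pipeline the same classifier would consume parsed Sysmon Event ID 11 (file create) and 12/13 (registry) records rather than the constructed list.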

MITRE ATT&CK Enterprise v16

Tasks