General
Target: 2025-04-27_1e80d3ff24fad22e810498f43d335b62_amadey_elex_smoke-loader
Size: 7.9MB
Sample: 250427-emf1tawly6
MD5: 1e80d3ff24fad22e810498f43d335b62
SHA1: 238af391391e79c0923d5f5662b926471f0e5bc5
SHA256: bbf23bf320e8a0fe13a02194a9892b0a59b889828064487426ed3f4b3aec66e5
SHA512: 115018752b6f32e25202aec1a40f5696366e3206c46e016e2a9c886d7c76cbf1f925d604dfe3844f4d0094ed4a1f0dc45072abfe85bc5a95dfdd0f2d16d5402c
SSDEEP: 24576:lKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJd3Dkd9+ZDd3vNSM0y9T+m5k2SzT:9jLuSh3i+FtvkMzT+3HfOGlk2Ph0fh4
Behavioral task: behavioral1
Sample: 2025-04-27_1e80d3ff24fad22e810498f43d335b62_amadey_elex_smoke-loader.exe
Resource: win10v2004-20250410-en
Behavioral task: behavioral2
Sample: 2025-04-27_1e80d3ff24fad22e810498f43d335b62_amadey_elex_smoke-loader.exe
Resource: win11-20250410-en
Malware Config
Targets
Target: 2025-04-27_1e80d3ff24fad22e810498f43d335b62_amadey_elex_smoke-loader
Score: 10/10
Panda Stealer payload
Pandastealer family
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.