General

  • Target

    2025-04-27_1e80d3ff24fad22e810498f43d335b62_amadey_elex_smoke-loader

  • Size

    7.9MB

  • Sample

    250427-en69dswms3

  • MD5

    1e80d3ff24fad22e810498f43d335b62

  • SHA1

    238af391391e79c0923d5f5662b926471f0e5bc5

  • SHA256

    bbf23bf320e8a0fe13a02194a9892b0a59b889828064487426ed3f4b3aec66e5

  • SHA512

    115018752b6f32e25202aec1a40f5696366e3206c46e016e2a9c886d7c76cbf1f925d604dfe3844f4d0094ed4a1f0dc45072abfe85bc5a95dfdd0f2d16d5402c

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJd3Dkd9+ZDd3vNSM0y9T+m5k2SzT:9jLuSh3i+FtvkMzT+3HfOGlk2Ph0fh4

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
