General

  • Target

    2025-04-27_3084bda01edcecb6ec124c5c2d280781_amadey_elex_smoke-loader

  • Size

    7.9MB

  • Sample

    250427-erw8lawmw9

  • MD5

    3084bda01edcecb6ec124c5c2d280781

  • SHA1

    168c6169162e3d600f2ebbf347f5865249bb3c78

  • SHA256

    c09b6145153b04552afff000f0c1fba09571f1a6e56bc368055f26d73e18a0fd

  • SHA512

    46235302cc8e786f3ef9141ac9bdec3d9f4616c3dec73edf34526b9ce68669731005451a8c827e7c20c4328917dc8e72cd19607234627901a402768dcf3bc0a1

  • SSDEEP

    24576:lKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJd3Dkd9+ZDd3vNSM0y9T+m5k2SzY:9jLuSh3i+FtvkMzT+3HfOGlk2Ph0fh

Targets

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
