General
-
Target
2025-04-27_3084bda01edcecb6ec124c5c2d280781_amadey_elex_smoke-loader
-
Size
7.9MB
-
Sample
250427-erw8lawmw9
-
MD5
3084bda01edcecb6ec124c5c2d280781
-
SHA1
168c6169162e3d600f2ebbf347f5865249bb3c78
-
SHA256
c09b6145153b04552afff000f0c1fba09571f1a6e56bc368055f26d73e18a0fd
-
SHA512
46235302cc8e786f3ef9141ac9bdec3d9f4616c3dec73edf34526b9ce68669731005451a8c827e7c20c4328917dc8e72cd19607234627901a402768dcf3bc0a1
-
SSDEEP
24576:lKKKKKKKKKKKKKKKKKKKKKKKN7ChBWMQ+uSJJd3Dkd9+ZDd3vNSM0y9T+m5k2SzY:9jLuSh3i+FtvkMzT+3HfOGlk2Ph0fh
Behavioral task
behavioral1
Sample
2025-04-27_3084bda01edcecb6ec124c5c2d280781_amadey_elex_smoke-loader.exe
Resource
win10v2004-20250410-en
Behavioral task
behavioral2
Sample
2025-04-27_3084bda01edcecb6ec124c5c2d280781_amadey_elex_smoke-loader.exe
Resource
win11-20250410-en
Malware Config
Targets
-
-
Target
2025-04-27_3084bda01edcecb6ec124c5c2d280781_amadey_elex_smoke-loader
-
Score
10/10
-
Panda Stealer payload
-
Pandastealer family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-