General

  • Target

    2025-04-27_7a37590eee4fb8e1338cbb97cee26c95_amadey_elex_smoke-loader

  • Size

    7.8MB

  • Sample

    250427-fd541stwgs

  • MD5

    7a37590eee4fb8e1338cbb97cee26c95

  • SHA1

    2d0d20978702808daee808e7426779fda7ce3bc3

  • SHA256

    5df96112a55fa9f0d471c99132d596e69d544bf9ed8026199c1b8f969066ee0a

  • SHA512

    0e405e81432612c9f6b5ea040390db92c11ad516bb4df617736ffd64604fad44ca3fcbad6c2de0edebf10b08b3c1d7e744aa8cb5ea166633933d676a041fdd8d

  • SSDEEP

    49152:BjLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U633jv:JLu13/Jk2Ph05e+g3

Malware Config

Targets

    • Target

      2025-04-27_7a37590eee4fb8e1338cbb97cee26c95_amadey_elex_smoke-loader

    • Size

      7.8MB

    • MD5

      7a37590eee4fb8e1338cbb97cee26c95

    • SHA1

      2d0d20978702808daee808e7426779fda7ce3bc3

    • SHA256

      5df96112a55fa9f0d471c99132d596e69d544bf9ed8026199c1b8f969066ee0a

    • SHA512

      0e405e81432612c9f6b5ea040390db92c11ad516bb4df617736ffd64604fad44ca3fcbad6c2de0edebf10b08b3c1d7e744aa8cb5ea166633933d676a041fdd8d

    • SSDEEP

      49152:BjLuSh3i+FtvkMzT+3HfOGlk2Ph0fhe+D6U633jv:JLu13/Jk2Ph05e+g3

    • Panda Stealer payload

    • PandaStealer

      Panda Stealer is a fork of CollectorProject Stealer written in C++.

    • Pandastealer family

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v16

Tasks