General

  • Target

    2025-05-11_859acce7686c2908114ba758263bbbab_amadey_elex_smoke-loader

  • Size

    7.5MB

  • Sample

    250511-gdpmpsxlx4

  • MD5

    859acce7686c2908114ba758263bbbab

  • SHA1

    95f29162d41056a3f03d69910d5acb62b6921015

  • SHA256

    9e6e6c429d8dba800c557ca5d0fa545d457f400b32c582a85fd68dccc57e8167

  • SHA512

    44aeaf2805faa198d872b4e97455e178d6d29c503e7e253a605a8018c2badceaf076ed2ae82cf9181e1520db060682bbc6b696d704fb1f94ef4f86a350059ec3

  • SSDEEP

    98304:iLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLX:0jJl
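
The digests above are exact-match IOCs for this sample. As an added example, not part of the report or of any sandbox's own tooling, the Python below streams a file once through MD5, SHA-1, SHA-256 and SHA-512, flags any file under a directory whose digest equals one of the report values, and shows in `self_check()` what a clean sweep and a full four-algorithm hit look like; the `b"abc"` file it constructs in a temporary directory is an assumption used only to exercise the matching path and is not the sample. ssdeep is left out because it needs a third-party module; note also that the report's ssdeep value, a long run of the same character at a 98304-byte block size, is consistent with a file made largely of repetitive content, so a cryptographic match on an exact copy is the dependable check here.

```python
import hashlib
import os
import tempfile

# Digests copied from the report above (exact-match IOCs for this sample).
REPORT_IOCS = {
    "md5": "859acce7686c2908114ba758263bbbab",
    "sha1": "95f29162d41056a3f03d69910d5acb62b6921015",
    "sha256": "9e6e6c429d8dba800c557ca5d0fa545d457f400b32c582a85fd68dccc57e8167",
    "sha512": "44aeaf2805faa198d872b4e97455e178d6d29c503e7e253a605a8018c2badceaf076ed2ae82cf9181e1520db060682bbc6b696d704fb1f94ef4f86a350059ec3",
}


def hash_file(path, chunk_size=1 << 20):
    """Stream a file once and return {algorithm: hex digest} for every
    algorithm in REPORT_IOCS. Streaming keeps memory flat for large samples."""
    hashers = {name: hashlib.new(name) for name in REPORT_IOCS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(path, iocs=REPORT_IOCS):
    """Return the set of algorithms whose digest of `path` equals the IOC value.
    All four should agree for a true copy; a partial match (say MD5 only)
    points at a mis-copied IOC or a deliberate collision and deserves a look."""
    digests = hash_file(path)
    return {name for name, value in digests.items()
            if name in iocs and value == iocs[name].lower()}


def scan_directory(root, iocs=REPORT_IOCS):
    """Walk `root` and return {path: matched_algorithms} for files that match.
    Unreadable files are skipped rather than aborting the sweep."""
    hits = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            try:
                matched = match_iocs(full, iocs)
            except OSError:
                continue
            if matched:
                hits[full] = matched
    return hits


def self_check():
    """Constructed demonstration (assumption: a throwaway file holding b"abc",
    not the real sample). Shows a clean scan against the report IOCs and a
    full four-algorithm hit when the IOC list is built from the file itself."""
    with tempfile.TemporaryDirectory() as tmp:
        benign = os.path.join(tmp, "constructed.bin")
        with open(benign, "wb") as fh:
            fh.write(b"abc")
        digests = hash_file(benign)
        return {
            "sha256_of_abc": digests["sha256"],
            "hits_against_report": scan_directory(tmp),
            "algorithms_matched_against_self": match_iocs(benign, digests),
        }


if __name__ == "__main__":
    print(self_check())
```

Point `scan_directory()` at a quarantine folder or a mounted image to sweep for exact copies of this sample; anything that matches on fewer than all four algorithms should be treated as suspicious data quality rather than as a confirmed hit.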

Malware Config

Targets

    • Target

      2025-05-11_859acce7686c2908114ba758263bbbab_amadey_elex_smoke-loader

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v16

Tasks
