General
Target: 0b1ae3205ced165ce260c192c5b7e084c41b0f34d7340647bca07ce55d8d4851
Size: 310KB
Sample: 211125-t7syfabbe2
MD5: c2f391697b371a4f96bf8f25b7db9a1a
SHA1: a513a20d4be4f49dd330ca917a98fd74424394bd
SHA256: 0b1ae3205ced165ce260c192c5b7e084c41b0f34d7340647bca07ce55d8d4851
SHA512: b112619290083405808a3f0c7f8e2ee2b6c2150a1e0b37b73ce375f933f732fb17b73233f1b60e05cbf7ccb6158b8f0904eec7c2037fc1777eea69e2e0eec996
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.