General
Target: 9bdd2f0e7b2e3b692c90ec0d23021ac8fbb6b11a9dac637896c3d31b5f847f03
Size: 316KB
Sample: 220114-zyvzbsaeh4
MD5: 986048cf2c47ea2cfe80f89e7f42ee17
SHA1: 54bba7a1441f305443d2104b59150fa645f8a9f6
SHA256: 9bdd2f0e7b2e3b692c90ec0d23021ac8fbb6b11a9dac637896c3d31b5f847f03
SHA512: 52811b896a24e77c47cc12dff34f39709aac7ac4f033749b2f02ca3c3d32f609a6a6c24a76ec5e763a298afda1d21456d24ad34aa11f143c3f91054d4ae02246
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-