General
-
Target
a70858c6bd41ef96bf3c89102c20cd62f450ab7a4255b18e85866f389fc98d03
-
Size
321KB
-
Sample
220115-b82b4abhb6
-
MD5
68c5b2babbaad69078f89fb20f0239f0
-
SHA1
6ea37d2b897c4bbb1eab82af9b3b59e354160ff6
-
SHA256
a70858c6bd41ef96bf3c89102c20cd62f450ab7a4255b18e85866f389fc98d03
-
SHA512
f42d96196412615c32985a90bf4534ab4a79b601cdea32c0941908f0c9d84b42d10b31eefe680c58d3963839edd291f863043dbc61eaba3eccd25760d75b3018
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
-
-
Target
a70858c6bd41ef96bf3c89102c20cd62f450ab7a4255b18e85866f389fc98d03
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-