General
Target: f323e2e20fc2f1d9d5afe645acfb33670f4fc8be2d472dfc5d1151b723321004
Size: 316KB
Sample: 220115-njfejsedck
MD5: f311b9f8b7b18430f985d40b156dfd07
SHA1: 5ebeddb6a903f9d51f840858827ebc1f21fee122
SHA256: f323e2e20fc2f1d9d5afe645acfb33670f4fc8be2d472dfc5d1151b723321004
SHA512: bb721a5aa14ac3e4c5d3b7fd16d40c1d795bf8b2ca103c47a1b95c6f6accb460b12a5580f54370e6af3ff03e2ba1ad2837c64b0ca5aad720d67e55899fff705f
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Target: f323e2e20fc2f1d9d5afe645acfb33670f4fc8be2d472dfc5d1151b723321004
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.