General
-
Target
f8f3a30f2e20482b95fcb7424ede443d2b4dd31ce6b4bdee484d01c2af5000de
-
Size
279KB
-
Sample
220117-kpn24ahbb5
-
MD5
322662f080783dcbb75ccff43ca6543f
-
SHA1
b723935d7dc52d0b1513cf13fabeab7203db247a
-
SHA256
f8f3a30f2e20482b95fcb7424ede443d2b4dd31ce6b4bdee484d01c2af5000de
-
SHA512
5909f29955b6b77613312d1cadb5304341ab6844755a14dbd4bbd52e9bc1ffa70a0f9585198ff77ee7e577dca0e9bb473df4298e582abde5b60842c2232c9895
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-