General
Target: c43146fbf1b130566b50b61b38a8b826eb76c7f8f78b60df179c0b0f163d8bf0
Size: 300KB
Sample: 220118-3jwtvseacq
MD5: b2e616129d54b1d9b3ec5fe179bbade0
SHA1: 17c66cbe1c4aa30845db52259f0a2e54b61f85be
SHA256: c43146fbf1b130566b50b61b38a8b826eb76c7f8f78b60df179c0b0f163d8bf0
SHA512: 949a1c9cab69e68f64ebc2d211b984e9c615544b5a85e4890b835b471e3df3d4c72c6c279ad0d0df97e7bd2a0ca3783fdf68c3c98a5a954035e787712055b12c
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.