General
Target: cc802971143ca0a41e97454c6f62b82fdfd88616bee66f39ecfb57584ea040ec
Size: 308KB
Sample: 220118-qk3ycabdgj
MD5: 19b9aabb4b600bbe222df7c20bf07ded
SHA1: 8ec44325179bd831d61c96cef4715b4f14a8d701
SHA256: cc802971143ca0a41e97454c6f62b82fdfd88616bee66f39ecfb57584ea040ec
SHA512: 306a62d46fba2d60bada530b0150b2ce53d44ad7ce6a2ebc319ed75a781d6962509426fc6a2dba1b5c2b900ce55a89e81ccda47d5c332382c1694138fe4d7b7f
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.