General
Target: b0558a51f9c5a3d3d23ce79daead5b7be2889a6c0a4b54269f568f441fb78432
Size: 289KB
Sample: 220119-1e7z8addh5
MD5: 30e4fde190bab62906af6c5a634673e6
SHA1: 60db39f970ea8b8739bd3bba5ed2839b2c676d5e
SHA256: b0558a51f9c5a3d3d23ce79daead5b7be2889a6c0a4b54269f568f441fb78432
SHA512: 3508954733e234c3780bfbe90ad2daefdd38180a3483036575976cbfa443f9e57e378d20dc9304d091e38998a1b426cfd928355bbc65b42d3052df1b28fcce60
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.