General
- Target: c23f0a0bcafd4460019f9badd517761e218f235615b59b1ce1df8ef9e0fbb20f
- Size: 300KB
- Sample: 220119-ajg2gsebhk
- MD5: e211fdd73af8aeee9420898a540b1a37
- SHA1: 2258925ea00cde885370075ba8d6d1b4bfb0bbcc
- SHA256: c23f0a0bcafd4460019f9badd517761e218f235615b59b1ce1df8ef9e0fbb20f
- SHA512: 9644d0786b5dae0a4997e6deee8b3ac79c33579391f798831f2f5c2b7c8b58589734dfb48309af364d5c08b520f0e6bcac5b0ab0f6fe595840b5a72260a7f41e
Static task: static1

Malware Config (extracted)
- Family: arkei
- Botnet: Default
- C2 URL: http://file-file-host4.com/tratata.php
Targets
- Target: c23f0a0bcafd4460019f9badd517761e218f235615b59b1ce1df8ef9e0fbb20f
- Size: 300KB
- MD5: e211fdd73af8aeee9420898a540b1a37
- SHA1: 2258925ea00cde885370075ba8d6d1b4bfb0bbcc
- SHA256: c23f0a0bcafd4460019f9badd517761e218f235615b59b1ce1df8ef9e0fbb20f
- SHA512: 9644d0786b5dae0a4997e6deee8b3ac79c33579391f798831f2f5c2b7c8b58589734dfb48309af364d5c08b520f0e6bcac5b0ab0f6fe595840b5a72260a7f41e
Suricata alerts
- ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
- ET MALWARE Win32/Vidar Variant Stealer CnC Exfil

Signatures
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
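The two behavioural signatures above ("Checks installed software on the system" via Uninstall key reads, and "Accesses cryptocurrency files/wallets") are the kind of thing a sandbox derives from registry and file-access telemetry. The following is an added example, not code from the sandbox or from this report, showing how such signatures can be reproduced from access events. The event schema, the process IDs, the key and file paths, and the threshold of five distinct Uninstall subkeys are all constructed for illustration; the wallet path patterns (Bitcoin Core wallet.dat, Electrum, Exodus, Ethereum keystore) are well-known locations but the list is not the sandbox's own.

```python
import re
from collections import defaultdict

# Constructed registry/file-access events (simplified, not real sandbox or Sysmon output).
# kind: "reg" for a registry value read, "file" for a file open.
EVENTS = [
    # Suspected stealer (pid 4120): walks the Uninstall key, then touches wallet files.
    {"pid": 4120, "kind": "reg",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"},
    {"pid": 4120, "kind": "reg",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName"},
    {"pid": 4120, "kind": "reg",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox\DisplayVersion"},
    {"pid": 4120, "kind": "reg",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayName"},
    {"pid": 4120, "kind": "reg",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player\DisplayName"},
    {"pid": 4120, "kind": "reg",
     "target": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-1900-000001000000}\DisplayName"},
    {"pid": 4120, "kind": "reg",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName"},
    {"pid": 4120, "kind": "file", "target": r"C:\Users\alice\AppData\Roaming\Bitcoin\wallet.dat"},
    {"pid": 4120, "kind": "file", "target": r"C:\Users\alice\AppData\Roaming\Electrum\wallets\default_wallet"},
    {"pid": 4120, "kind": "file", "target": r"C:\Users\alice\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    # Benign installer (pid 2200): checks only its own product entry.
    {"pid": 2200, "kind": "reg",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B2D1F9A0-0000-0000-0000-000000000001}\DisplayVersion"},
    # Ordinary user activity (pid 900).
    {"pid": 900, "kind": "file", "target": r"C:\Users\alice\Documents\report.docx"},
]

# Matches the product subkey under either the native or the WOW6432Node Uninstall key.
UNINSTALL_RE = re.compile(
    r"\\(?:wow6432node\\)?microsoft\\windows\\currentversion\\uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# Well-known wallet storage locations (assumed list; extend for your environment).
WALLET_PATTERNS = [
    ("Bitcoin Core", re.compile(r"\\wallet\.dat$", re.IGNORECASE)),
    ("Electrum", re.compile(r"\\electrum\\wallets\\", re.IGNORECASE)),
    ("Exodus", re.compile(r"\\exodus\\exodus\.wallet\\", re.IGNORECASE)),
    ("Ethereum keystore", re.compile(r"\\ethereum\\keystore\\", re.IGNORECASE)),
]


def uninstall_enumeration(events, min_entries=5):
    """Return {pid: set of product subkeys} for processes that read at least
    min_entries distinct Uninstall subkeys. One lookup is normal (an installer
    checking its own entry); reading many is software enumeration."""
    seen = defaultdict(set)
    for ev in events:
        if ev["kind"] != "reg":
            continue
        m = UNINSTALL_RE.search(ev["target"])
        if m:
            seen[ev["pid"]].add(m.group(1).lower())
    return {pid: keys for pid, keys in seen.items() if len(keys) >= min_entries}


def wallet_access(events):
    """Return (pid, wallet name, path) for every file open under a known wallet location."""
    hits = []
    for ev in events:
        if ev["kind"] != "file":
            continue
        for name, rx in WALLET_PATTERNS:
            if rx.search(ev["target"]):
                hits.append((ev["pid"], name, ev["target"]))
                break
    return hits


def signatures(events):
    """Map the raw detections onto the signature names used in the report."""
    sigs = []
    if uninstall_enumeration(events):
        sigs.append("Checks installed software on the system")
    if wallet_access(events):
        sigs.append("Accesses cryptocurrency files/wallets, possible credential harvesting")
    return sigs


if __name__ == "__main__":
    for pid, keys in uninstall_enumeration(EVENTS).items():
        print(f"pid {pid} enumerated {len(keys)} installed products")
    for pid, name, path in wallet_access(EVENTS):
        print(f"pid {pid} opened {name} wallet: {path}")
    print(signatures(EVENTS))
```

The threshold on distinct subkeys is what separates enumeration from a legitimate self-check; match on both the native and WOW6432Node views, since a 32-bit stealer on a 64-bit host is redirected to the latter. Wallet paths are matched case-insensitively because NTFS paths in telemetry are not normalised.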