General
Target: a5afe601a68280d63b7d3cb7aef638ac7a15c09d0fa09955adcd01a6cdaa4427
Size: 302KB
Sample: 220119-lkhvysgfh3
MD5: 0f4ece90a584436338f935883db38be6
SHA1: 74b0ed92e2d3c1f4f544bc0195586c74a57eaa58
SHA256: a5afe601a68280d63b7d3cb7aef638ac7a15c09d0fa09955adcd01a6cdaa4427
SHA512: 1147f44c33f8b299802f0315250dc31e096ac3b0135bd8918dc443dea089b51353bcac709c7282c422c5425af8a8649cccb25fbf525f35550d9f00d65030c422
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.