General
-
Target
e34b70e62369227d9c96a0b6c09f61636229eef57b454ef398cb6935f89eebaf
-
Size
302KB
-
Sample
220119-nmsjaahddm
-
MD5
e269e23b754ecad9d8584c5d4f5348b9
-
SHA1
f05d2295cd140235a3acb1229c8f330637044a07
-
SHA256
e34b70e62369227d9c96a0b6c09f61636229eef57b454ef398cb6935f89eebaf
-
SHA512
5a04f5da530d434ac9312cafe219570e260fa4cfbfd3377acbe7414521dfde6edd911edf02f71f741877eb4cae14db87e3895f164f474f1419bae674820067df
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
-
Target
e34b70e62369227d9c96a0b6c09f61636229eef57b454ef398cb6935f89eebaf
-
Size
302KB
-
MD5
e269e23b754ecad9d8584c5d4f5348b9
-
SHA1
f05d2295cd140235a3acb1229c8f330637044a07
-
SHA256
e34b70e62369227d9c96a0b6c09f61636229eef57b454ef398cb6935f89eebaf
-
SHA512
5a04f5da530d434ac9312cafe219570e260fa4cfbfd3377acbe7414521dfde6edd911edf02f71f741877eb4cae14db87e3895f164f474f1419bae674820067df
-
suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Reads the subkeys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and its Wow6432Node mirror) in the registry to enumerate the software installed on the system.
-
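The behaviours listed above (software inventory via the Uninstall registry key, a downloaded MZ/PE file that is dropped and then loaded as a DLL, and exfiltration to the extracted C2 URL) can be turned into a small triage check. The following is an added example, not part of the sandbox output and not code from the sample or the Arkei/Vidar family; the event schema, the process IDs, the helper.dll name, the 203.0.113.10 download host and the enumeration threshold are constructed assumptions, while the hashes and the C2 URL are copied from the report.

```python
"""Triage helper for the Arkei/Vidar report above (illustrative, not from the sandbox)."""
import hashlib
import re
from collections import defaultdict
from typing import Dict, List
from urllib.parse import urlparse

# Indicators copied verbatim from the report.
REPORT_HASHES = {
    "md5": "e269e23b754ecad9d8584c5d4f5348b9",
    "sha1": "f05d2295cd140235a3acb1229c8f330637044a07",
    "sha256": "e34b70e62369227d9c96a0b6c09f61636229eef57b454ef398cb6935f89eebaf",
}
C2_URL = "http://file-file-host4.com/tratata.php"
C2_HOST = urlparse(C2_URL).hostname

# Registry location the report says is enumerated for installed software (HKLM/HKCU, 32/64-bit views).
UNINSTALL_KEY_RE = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\", re.I
)
ENUM_THRESHOLD = 3  # distinct Uninstall subkeys read by one process; assumed, tune to your telemetry


def hash_matches_report(data: bytes) -> Dict[str, bool]:
    """Compare a candidate file's digests with the report's; all True means it is this sample."""
    return {alg: hashlib.new(alg, data).hexdigest() == digest for alg, digest in REPORT_HASHES.items()}


def detect(events: List[dict]) -> Dict[int, List[str]]:
    """Map each pid to the sorted list of report behaviours it exhibits in a constructed event trace.

    Event types assumed here: registry_query, http_response, file_write, image_load, http_request.
    """
    uninstall_keys: Dict[int, set] = defaultdict(set)
    dropped: set = set()  # paths written to disk earlier in the trace, by any process
    findings: Dict[int, set] = defaultdict(set)

    for ev in events:
        pid, kind, path = ev["pid"], ev["type"], ev.get("path", "").lower()
        if kind == "registry_query" and UNINSTALL_KEY_RE.search(path):
            uninstall_keys[pid].add(path)
        elif kind == "http_response" and ev.get("body_prefix", b"")[:2] == b"MZ":
            findings[pid].add("downloads_pe")  # "Downloads MZ/PE file"
        elif kind == "file_write":
            dropped.add(path)
        elif kind == "image_load" and path.endswith(".dll") and path in dropped:
            findings[pid].add("loads_dropped_dll")  # "Loads dropped DLL"
        elif kind == "http_request" and urlparse(ev["url"]).hostname == C2_HOST:
            findings[pid].add("c2_contact")  # matches the extracted Arkei config / Vidar CnC Exfil alert

    for pid, keys in uninstall_keys.items():
        if len(keys) >= ENUM_THRESHOLD:
            findings[pid].add("enumerates_installed_software")  # "Checks installed software"
    return {pid: sorted(f) for pid, f in findings.items()}


# Constructed trace: pid 4120 plays the sample, pid 880 is benign noise that must not alert.
SAMPLE_EVENTS: List[dict] = [
    {"pid": 4120, "type": "registry_query", "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppA", "value": "DisplayName"},
    {"pid": 4120, "type": "registry_query", "path": r"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AppB", "value": "DisplayName"},
    {"pid": 4120, "type": "registry_query", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppC", "value": "DisplayVersion"},
    {"pid": 4120, "type": "http_response", "url": "http://203.0.113.10/helper.dll", "body_prefix": b"MZ\x90\x00"},
    {"pid": 4120, "type": "file_write", "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"pid": 4120, "type": "image_load", "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"pid": 4120, "type": "http_request", "method": "POST", "url": C2_URL},
    {"pid": 880, "type": "registry_query", "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run", "value": "OneDrive"},
    {"pid": 880, "type": "image_load", "path": r"C:\Windows\System32\kernel32.dll"},
]

if __name__ == "__main__":
    print(detect(SAMPLE_EVENTS))
    print(hash_matches_report(b"not the sample"))
```

The software-inventory check deliberately needs several distinct Uninstall subkeys from one process, since installers and update agents legitimately touch a single entry; the dropped-DLL check keys on a path that appears in a write before the load rather than on any particular directory, because the report names the behaviour, not the drop location.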