Extracted

• • Target

    c920b2de025019e9a406e9b2f0ac2cbbfc18d65eac15f59ca8921c5fb4bfa240

  • Size

    5.0MB

  • MD5

    dbe9736b562b2bcce0b531fdfeaded32

  • SHA1

    a36ac4af321f97964885b801601aaee816f405d1

  • SHA256

    c920b2de025019e9a406e9b2f0ac2cbbfc18d65eac15f59ca8921c5fb4bfa240

  • SHA512

    9dc69b482a510482b6aa6992924daf39b96bb43ab9017d6919120288e3d7936717b21aa24cd12c51d64d446eecc626bdc0ddfd0222cff5fde8010d110edea849

  Score

  10^/10

  arkeibabadedadefaultcrypterloaderstealer

  • Arkei

    Arkei is an infostealer written in C++.

    stealerarkei

  • Babadeda

    Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.

    loadercrypterbabadeda

  • Babadeda Crypter

  • Arkei Stealer Payload

    stealer

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  behavioral1behavioral2