General
-
Target
307c3a3e746077f92c004d42191ce0d7f9af2fb40b451351dd2ccf5f1d2fdc01
-
Size
302KB
-
Sample
220119-wrnd5acbfk
-
MD5
903b00d2e4e414dcaa20aef5b1c189ad
-
SHA1
7823484fd211c4e45e3d0eaab6ef8a0e94803e71
-
SHA256
307c3a3e746077f92c004d42191ce0d7f9af2fb40b451351dd2ccf5f1d2fdc01
-
SHA512
2a1e328ee7a126c7daedcd4e2bb1ca34f0687e6f38404129d38b2fda18e1a9861b607f419b136028b989a91e1698ead075e3b204af080edcee09270e15e171a7
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
-
-
Target
307c3a3e746077f92c004d42191ce0d7f9af2fb40b451351dd2ccf5f1d2fdc01
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-