General
-
Target
15275b40230387e57540a565f4e8fb665c1e22e4ff14097dc576b7636f6231d8
-
Size
302KB
-
Sample
220119-xgkqxscdg4
-
MD5
d34f1345d04b9881d5cc91b4dc622df8
-
SHA1
586f2ce86fee282667ac3ab6a44789ee7cbb19c9
-
SHA256
15275b40230387e57540a565f4e8fb665c1e22e4ff14097dc576b7636f6231d8
-
SHA512
f6577357686557f11c494baf05713247835c503e390f0c0d3e430935f581bed0083721a83c423f10208bb7a658750862c128ee70a11a84c595f2d2738d6e4a5e
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
-
-
Target
15275b40230387e57540a565f4e8fb665c1e22e4ff14097dc576b7636f6231d8
-
Size
302KB
-
MD5
d34f1345d04b9881d5cc91b4dc622df8
-
SHA1
586f2ce86fee282667ac3ab6a44789ee7cbb19c9
-
SHA256
15275b40230387e57540a565f4e8fb665c1e22e4ff14097dc576b7636f6231d8
-
SHA512
f6577357686557f11c494baf05713247835c503e390f0c0d3e430935f581bed0083721a83c423f10208bb7a658750862c128ee70a11a84c595f2d2738d6e4a5e
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-