General
Target: 8e3563cf78b130eada9247f6452eab86385b174e74c58ae2ef5d3ac120a17d66
Size: 263KB
Sample: 220120-vyrvfsahaq
MD5: e21ca334be75534af18552333a6bd97b
SHA1: 86c7225306276e36bf8734306342bedafd50144d
SHA256: 8e3563cf78b130eada9247f6452eab86385b174e74c58ae2ef5d3ac120a17d66
SHA512: 7d39bac68c3f1067e680774a79110309ac1cc20f251949bf1cd86ae9660b54a04a1add1359d5073c0e3e6a5710afb114d7ee5b733c3e6f2dc3ae18fa091eb41a
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.