General
Target: 6b69cb418ad294934cd1b1cc9abcd29c0ee00f9954bed6a659ac88c5c1a1675b
Size: 270KB
Sample: 220121-3zhl6sdgg6
MD5: 22bcfefc916a0a73fdf7e15e5f280e53
SHA1: 97808414e66c01bacc609be2e337bf1328dbe2dd
SHA256: 6b69cb418ad294934cd1b1cc9abcd29c0ee00f9954bed6a659ac88c5c1a1675b
SHA512: ff0794865cbc2231ceb393893fbdb80840460d640fb47d335f493bcd7f1fe4c1943b0eabd9e68c98c2e5a7a1f003b2db24513536648eb743fde356832d29e794
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.