General

- Target: 0afd67d737e1995c326c9ebbb8ba6d59842bdabc98dd5565777c47b594493031
- Size: 331KB
- Sample: 220121-j9czwsedaq
- MD5: 8b56a88e5572a06724c6196f9b9cae68
- SHA1: 05b0e19d1bc32a88f7641c41d2bfd0754c9daac0
- SHA256: 0afd67d737e1995c326c9ebbb8ba6d59842bdabc98dd5565777c47b594493031
- SHA512: d4981eca71101d6c87c0784db99be2a02f46f4d4c06837ba6783c3c4f2a033e76b7f58629814d3249f02253871bc9fb339e19ed83b2a4c9b11270cb713b93f2e
Static task: static1
Malware Config

- Extracted: arkei
- Default: http://file-file-host4.com/tratata.php
Targets
- suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.