General
-
Target
e79ea6ca4f00f2cc17f5cfbf5d69e2d8fedfe04d21ff44f1fe39550bb12a4ee0
-
Size
332KB
-
Sample
220121-rrbccahgb9
-
MD5
208b0d3b4acd00ea58d106f7f003da04
-
SHA1
031e54f096fe96533c175db092101a928d416d01
-
SHA256
e79ea6ca4f00f2cc17f5cfbf5d69e2d8fedfe04d21ff44f1fe39550bb12a4ee0
-
SHA512
2c3d3ed23c6c79daab1e25c921479d80433b101d480584b76aac1b5ba5e336651144d191b3a4477c424028baf8de6942986329a598be5f07dfdad51a914abcf5
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-