General
Target: 8623da13435ec1b0554a76a127a8e72584778982de386a7e2112368a0dbd847e
Size: 332KB
Sample: 220121-z98dssbcb8
MD5: 566c28e4fe9a69265210655da3233ebd
SHA1: 56a7918c18fe9e5cedba60153f836b6cb86f765e
SHA256: 8623da13435ec1b0554a76a127a8e72584778982de386a7e2112368a0dbd847e
SHA512: 01aa7306345e1690de55ac70da205f91ed918c8d4aada9f43919ce9034c21da26b34415919b34d80b976d33ed01da2373d6ea7de27a20bdd56740acc6c1990f5
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.