General
Target: 5d292b8f8fc6e8e3105c46f56084e048e45e258da0380667486b8df6fa506458
Size: 269KB
Sample: 220122-etyjfahee9
MD5: 213a09a3f6041ef57a1b54d812a841f4
SHA1: f75b82673acb2425e30b2f263edc188cbf071d02
SHA256: 5d292b8f8fc6e8e3105c46f56084e048e45e258da0380667486b8df6fa506458
SHA512: ef463914a3f791821d81d5924e93974d3ee857607a73034012f648c0bcbbdd6a64a35c68d53422dc5221ed907aa5127f41fb140e4301fb282aac8544e94300b3
Static task
static1
Malware Config
Extracted
arkei
Default
http://file-file-host4.com/tratata.php
Targets
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-