General
Target: 4f48a180136f80e9a3b5ceff3ac8e76949497922f609ad913d8c97fef3f2fa59
Size: 281KB
Sample: 220123-mhc3csfhem
MD5: d8fd9f2b48a973329ad91b1083da2548
SHA1: 193fbbf1f721dbc26bd220a41e2c7a617e4f1c4a
SHA256: 4f48a180136f80e9a3b5ceff3ac8e76949497922f609ad913d8c97fef3f2fa59
SHA512: 883939178deb2f476bbb4085a2110c79328d8d4fd035e8b96a2a0f998447a582afbf5a0be8af9e802feeab0176a350906a1213c61a9a7ed2500fa39d62afa407
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target: 4f48a180136f80e9a3b5ceff3ac8e76949497922f609ad913d8c97fef3f2fa59
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.