General
Target: 42ca7cd2590a000ef1bfaf8793d35788541ee296d6702403f4af368f09c72317
Size: 282KB
Sample: 220123-njxc3agaa9
MD5: 61709d6215dfc2bf975026ef3293c523
SHA1: 160453f4ffe90b9372b19ccb230123f7ca2b4641
SHA256: 42ca7cd2590a000ef1bfaf8793d35788541ee296d6702403f4af368f09c72317
SHA512: b7ce869c3e786e6dd314e9bea4f0633ebec03a2ba1614a1ac11605b60f1e3c2254345c9945e6fca1fd37116528875693cd207930b657a61e0f1dce3659803d32
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
-
-
Target
42ca7cd2590a000ef1bfaf8793d35788541ee296d6702403f4af368f09c72317
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-