General
Target: 9f785d9c3fb2a876b7d5ba3c27381b1264200caa3b9f758271cf0139ada0044f
Size: 281KB
Sample: 220123-nx4pasfhhk
MD5: 23e5939b2d9365297984685ba094f297
SHA1: 21a58a19496ca6f65657b2313c17ff2fd104d54b
SHA256: 9f785d9c3fb2a876b7d5ba3c27381b1264200caa3b9f758271cf0139ada0044f
SHA512: e0c55cb3d806ca312ea466e115c647d22f9b6b1ba873b85e723439d961878526c8bc1b284bd084dc3f9d1f42ff545c80ed29570f692d05aa210cb0a54d72fccd
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.