General
Target: 82d785c9e53721ede7a9cb3ff7fd8b3e94b2eb908496238f6bcf1ec9e48cae0c
Size: 281KB
Sample: 220123-sm4nrsgahp
MD5: 1f5b86c5da6edda1c95ac16a27cf2436
SHA1: ea5d4478868cd7e31306d45561e245b84e9c8e56
SHA256: 82d785c9e53721ede7a9cb3ff7fd8b3e94b2eb908496238f6bcf1ec9e48cae0c
SHA512: 27faffe791c8222d09014ec1ff02dfdffb7b12ac306f1bcda765b45566f7e6b4c4bda3a5ba5ddf8dd0503b0b91b4a83028bf420230349ee273fb1b79d429977c
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target
82d785c9e53721ede7a9cb3ff7fd8b3e94b2eb908496238f6bcf1ec9e48cae0c
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.