General
-
Target
a7b13340eb8c3ba905bbac002d90d90487f916a228cb91bbd182fd1d6d5585a4
-
Size
281KB
-
Sample
220123-tn4wlagbg7
-
MD5
01a04096d658af857ff95f2234d4fedd
-
SHA1
86f3b8ea0b006aeac27a60452bb3bfba46f1159e
-
SHA256
a7b13340eb8c3ba905bbac002d90d90487f916a228cb91bbd182fd1d6d5585a4
-
SHA512
283cb0cf82ad22885d2659278d4ad3c4f274ea94d24dce2d79fc8a35fbdd1be2e54d85aab56a02b0e5cfd430450805d5c048b86a30fdf8ffa135e86d75ec1df0
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
-
-
Target
a7b13340eb8c3ba905bbac002d90d90487f916a228cb91bbd182fd1d6d5585a4
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-