General
Target: d842d71ea0f942cfaca868b5a59b841302ac221fcd0de2c7e753933843f2e44e
Size: 282KB
Sample: 220123-veaf3agcb2
MD5: 11a2e731978dc57fcb7f13104b0bacf2
SHA1: fadb60dc24d40ccbab37e4ad55e7adf4668ab64b
SHA256: d842d71ea0f942cfaca868b5a59b841302ac221fcd0de2c7e753933843f2e44e
SHA512: c08f223bc4f4bd4b4864c6af81875994430bcc82df003afd53ca327d554853cbda88bbafbf063d99febb0413a741a194c96f9fdf91d46d4de120cf3a186cfd8d
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target: d842d71ea0f942cfaca868b5a59b841302ac221fcd0de2c7e753933843f2e44e
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.