General
-
Target
6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406
-
Size
296KB
-
Sample
220124-nw5j7seec3
-
MD5
77c272073874b7bb8c0bae37a03c2886
-
SHA1
7d596e44ec63dda132a6f4bf2cdc979d50abb36a
-
SHA256
6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406
-
SHA512
cb35f4133c57572613b7d06c95f3e3b77590eae5d0847fc401d463ff2d625f051b22365e8bf7303261a726640c10ca849432ea8d119b30f5c8fb92b7c620584d
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target
6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.