General
Target: 81a2775b7b9bf259b47878b933c24ded22ae7c9ef7b19888116c0d11757d801e
Size: 296KB
Sample: 220124-qklztsegf7
MD5: ad20932ba534756ec926ab2b2c1410a8
SHA1: 1472b0cc26e85d53750e4f35690b1c61bb97f60e
SHA256: 81a2775b7b9bf259b47878b933c24ded22ae7c9ef7b19888116c0d11757d801e
SHA512: cbfff5bfa023f37ce7abee24f6e3c1fd3cadc7392c0ca13d479f243d83cb01805e7d90a862277b2e2e94eba693b9f5afa332f51dc0d5da86066733236a2132d7
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.