General
Target: 84f51e459a36769acfd0423f4e0acc5b5f49cdda7eaeb185deefedbd0f42651f
Size: 296KB
Sample: 220124-zzdrfaaedj
MD5: f02060bcee7f00ab129e0c1d1be983c5
SHA1: c7d5b12b06d86bddf226372e8cb7d5039ae2c8e8
SHA256: 84f51e459a36769acfd0423f4e0acc5b5f49cdda7eaeb185deefedbd0f42651f
SHA512: da42ea050c750ebe6a8805a9a142ab1d4261025e27958c260f682712ceacad53305ec6718154e2e91eda48dcffe458cef4fac9cf20c5448e2f89230aa501bcaf
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-