General
- Target: 3d7c499babe52f358fd0d77e0ea92c80304a9ad4c4fcb0c68213b3607902611b
- Size: 350KB
- Sample: 220125-l1lxjsdedq
- MD5: 88cb0fd2c26a1c706b083157aeb38b8b
- SHA1: b20accf3886213a05bdd2bcaab7603d938ed5a78
- SHA256: 3d7c499babe52f358fd0d77e0ea92c80304a9ad4c4fcb0c68213b3607902611b
- SHA512: b95f37787f398ad6b61dcedc6fec6d67812078cb6b56fe1b43b00142e2490e48398d0900fcea8abaffa685691459469687b292d6859af276e3da352b3e9108c5
Static task: static1

Malware Config
- Extracted: arkei
- Default: http://coin-file-file-19.com/tratata.php
Targets
- suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.