General
Target: d84b26694278d072ae5db42f7cefae577c76d13aa41f9029e26d551a74a3c161
Size: 350KB
Sample: 220125-nakmxafab9
MD5: b3a861c3933910bbded253d24b8ebc97
SHA1: 99f17a40ffdce1633a2b0e19322e3e3b504e00e0
SHA256: d84b26694278d072ae5db42f7cefae577c76d13aa41f9029e26d551a74a3c161
SHA512: b74a841b7e6659d547d3294cdd609b4e728d36980bc3ce6b00baa9ccd0673e51822698ac99edf5e1548264bf99b58265e879cffbd76b74283f9273292b2ec5c4
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target: d84b26694278d072ae5db42f7cefae577c76d13aa41f9029e26d551a74a3c161
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.