General
Target: 320221b6c23bd018b65d19f1cba818c92f66dbbc94e9b6752bab7d5fddaa3ab6
Size: 360KB
Sample: 220126-2hyrdsbfg2
MD5: 1e0b9f05a7a5189106894aae673dc1df
SHA1: c9ae03cf1eb68372ea09b58a1f83f62058749cc3
SHA256: 320221b6c23bd018b65d19f1cba818c92f66dbbc94e9b6752bab7d5fddaa3ab6
SHA512: c555d70fa424477984404f95b823cda30bf2413796db01f8c780f602d496dd709c7b8c3d5ad11927d1c8fe0bf29e70d3da845258c53bc84adbc9ab9939233756
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target
320221b6c23bd018b65d19f1cba818c92f66dbbc94e9b6752bab7d5fddaa3ab6
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-