General
Target: 44a69d629a061ae2bdc15ad9cc8ceefcb77f8e9f928d097f2858e8dcb049607d
Size: 337KB
Sample: 220126-jmd9faafbk
MD5: a435364dadbe18ed07855a558e640855
SHA1: 3a2ffad8477960a0eecbb54a4f90f9c169317ad7
SHA256: 44a69d629a061ae2bdc15ad9cc8ceefcb77f8e9f928d097f2858e8dcb049607d
SHA512: 9cf4df63d059b8035eedc544b0fff8b3532d4a5c8872ae0f8c089638c0521c1cc32bbea29f5a55ebc779f938c31204df1170cf5a07f0813a1120c4341e48bc52
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-