General
-
Target
158eaa03c633320e4c5900479eadb87ab13979ec202c2f5cb1b6b84c71c475d5
-
Size
336KB
-
Sample
220126-ma6ppsbfgm
-
MD5
6818dfb1466ca9910b7d804438ceb1f2
-
SHA1
762dd67c63c9e8a5516aeb4381875744a6e0c2a0
-
SHA256
158eaa03c633320e4c5900479eadb87ab13979ec202c2f5cb1b6b84c71c475d5
-
SHA512
776905c887dffd9825e1e4fda2cd6a5183db81199b2bbc409d12eef640b77f9d0be0eec3678db9c3af1650b6f482050124a761ac079302d71ffab06e45e46582
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
-
-
Target
158eaa03c633320e4c5900479eadb87ab13979ec202c2f5cb1b6b84c71c475d5
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-