General
Target: 4eafa24f5ad51c35893a67f98ab5cef0d0b23cdca9daec7be1f7989b7b36d99e
Size: 337KB
Sample: 220126-txmnnsffh5
MD5: 06a01cbb90ed2bcd7d2b1f2e7ed3d9b0
SHA1: 9c34d617fd146db6a3ea0776a19994185f413e0e
SHA256: 4eafa24f5ad51c35893a67f98ab5cef0d0b23cdca9daec7be1f7989b7b36d99e
SHA512: 32942b0b0e25b79ff1b45223f19c34c425192c7f94738c3b457a6028e658aba4d97b842adb0f112d51bc9cb9aefadecded928400bdb2fafa03caf91dcce6afaf
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target: 4eafa24f5ad51c35893a67f98ab5cef0d0b23cdca9daec7be1f7989b7b36d99e
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.