bd610b2389b0ea2a2d37bc31655de8aa44c96ea5836c873c8df49a715a57b602

General
Target

bd610b2389b0ea2a2d37bc31655de8aa44c96ea5836c873c8df49a715a57b602

Size

274KB

Sample

220127-e12vfafdgk

Score
10 /10
MD5

c0cebf58bc464d40ada9444c8c19e955

SHA1

52cc6a2c87862b1c815e843f154ec9cb66f345e9

SHA256

bd610b2389b0ea2a2d37bc31655de8aa44c96ea5836c873c8df49a715a57b602

SHA512

ed979071f02a7eaace9b393fb4b75265694fe2466c147858223351057e5513f5849830bc0170d0323956d088b9d68e5e880a262ebdc15351204649f5ee1a5490

Malware Config

Extracted

Family arkei
Botnet Default
C2

http://coin-file-file-19.com/tratata.php

Targets
Target

bd610b2389b0ea2a2d37bc31655de8aa44c96ea5836c873c8df49a715a57b602

MD5

c0cebf58bc464d40ada9444c8c19e955

Filesize

274KB

Score
10/10
SHA1

52cc6a2c87862b1c815e843f154ec9cb66f345e9

SHA256

bd610b2389b0ea2a2d37bc31655de8aa44c96ea5836c873c8df49a715a57b602

SHA512

ed979071f02a7eaace9b393fb4b75265694fe2466c147858223351057e5513f5849830bc0170d0323956d088b9d68e5e880a262ebdc15351204649f5ee1a5490

Tags

Signatures

  • Arkei

    Description

    Arkei is an infostealer written in C++.

    Tags

  • suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil

    Description

    suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil

    Tags

  • Arkei Stealer Payload

    Tags

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local SystemCredentials in Files
  • Accesses cryptocurrency files/wallets, possible credential harvesting

    Tags

    TTPs

    Data from Local SystemCredentials in Files
  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    Tags

    TTPs

    Query Registry

Related Tasks

MITRE ATT&CK Matrix
Command and Control
    Credential Access
    Defense Evasion
      Execution
        Exfiltration
          Impact
            Initial Access
              Lateral Movement
                Persistence
                  Privilege Escalation
                    Tasks