General
Target: 8f2aaff5c39cde521bb77a5fab659fdaf90eb95e16fae7f20f146bf681f55738
Size: 274KB
Sample: 220127-j7kxqahghr
MD5: 3f34758153d9df8e590d337c7c0f45d1
SHA1: b19f5e0147d0c10522a43fc961fb9b59ceddd3fa
SHA256: 8f2aaff5c39cde521bb77a5fab659fdaf90eb95e16fae7f20f146bf681f55738
SHA512: 574c30478ceecccf4150a15d92651ca63f9e73818dbc0d7d45bef750e602e53042d0578561a99739237e4329ab7de9cc7d8099dd688554c96fed7f1ef6f4715e
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.