General
Target: a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774
Size: 224KB
Sample: 220127-r4aataedel
MD5: 51841abd04b187f389f4aa801e3e1fdb
SHA1: 2068ec3fc0f91beedc11444bec5948417c47534f
SHA256: a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774
SHA512: 6505e6ab4943e0c2ffdabccf450deb075d8d75785900a6f1b11d0079d57269b74a6f325f6c43997f93ad6cb05e1676e3b1f6424bd4bfc621b9bc2cd02967fd8c
Static task: static1
Malware Config
Extracted
Family: arkei
Botnet: Default
C2: http://coin-file-file-19.com/tratata.php
Targets
Target: a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774
Signatures
- suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
  The network signature naming Vidar while the extracted config is labelled arkei is not a contradiction: Vidar is a fork of Arkei and both use the same POST-based exfiltration pattern to the C2, so the ET rule fires on either family.
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
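The last signature refers to the standard Windows Uninstall keys. The following PowerShell script is an added example, not part of the sandbox report or of the sample itself: it walks the same three key paths (64-bit HKLM, the WOW6432Node view and HKCU) that host-profiling stealers read, so an analyst can see exactly what inventory an infected machine would have given up. The key paths are fixed Windows locations; the selected value names (DisplayName, DisplayVersion, Publisher) are the ones installers populate and are an assumption about what the stealer collects.

```powershell
# Added example (not from the report): enumerate installed software the way
# the "Checks installed software" behaviour does, via the Uninstall keys.
$uninstallPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)

$software = foreach ($path in $uninstallPaths) {
    # Some views do not exist on 32-bit hosts or for fresh user profiles.
    if (-not (Test-Path -Path $path)) { continue }

    Get-ChildItem -Path $path -ErrorAction SilentlyContinue | ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
        # Subkeys without a DisplayName are patches/components; skip them as
        # an installed-software listing would.
        if ($props.DisplayName) {
            [pscustomobject]@{
                Hive        = $path
                KeyName     = $_.PSChildName
                DisplayName = $props.DisplayName
                Version     = $props.DisplayVersion
                Publisher   = $props.Publisher
            }
        }
    }
}

$software | Sort-Object -Property DisplayName | Format-Table -AutoSize
```

Detection caveat: these are registry reads, and Sysmon (Event IDs 12/13/14) only records key/value creation, modification and deletion, so this enumeration leaves no Sysmon trace. Catching it on a host requires a SACL on the Uninstall keys with object-access auditing enabled (Security Event ID 4663), or API-level tracing such as the sandbox run that produced this report; the more reliable indicator remains the C2 traffic the Suricata rule flags.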