General
-
Target
79a64484f6019383b118350c93a61e22bdc63ed01f477926d6afaf496488f926
-
Size
223KB
-
Sample
220127-trljesgbf2
-
MD5
09c3c14acab048d8dd46713eb259912c
-
SHA1
9151295da02a33697caf5e4eb0913d30940d7f4d
-
SHA256
79a64484f6019383b118350c93a61e22bdc63ed01f477926d6afaf496488f926
-
SHA512
dfdc247fc1b48f27a0066dd3a285b7eb31ac9b70a5228549b1bdb7bf922d1bf72a51df248eb4f65fbadda947e3f941836bbc61393892f0d12a7029e507f068cf
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
-
-
Target
79a64484f6019383b118350c93a61e22bdc63ed01f477926d6afaf496488f926
-
Size
223KB
-
MD5
09c3c14acab048d8dd46713eb259912c
-
SHA1
9151295da02a33697caf5e4eb0913d30940d7f4d
-
SHA256
79a64484f6019383b118350c93a61e22bdc63ed01f477926d6afaf496488f926
-
SHA512
dfdc247fc1b48f27a0066dd3a285b7eb31ac9b70a5228549b1bdb7bf922d1bf72a51df248eb4f65fbadda947e3f941836bbc61393892f0d12a7029e507f068cf
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-