General
Target: cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97
Size: 223KB
Sample: 220127-y3k49aadf9
MD5: 5276563d00841a2319159f9a3865b238
SHA1: aed4a91c722d1e5d2fc61e75eefdf5638ed3c1ce
SHA256: cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97
SHA512: 2650445596381e908083f18f5ede9c2e544f087e38466ceed55d6990eacea575371ba8ca9aa6d8e752e4f39b8f4d62a0df748ad29c72742491a4434e6aae92b3
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target
cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.