General
Target: f693872b15d8946ad58cdbb6ed173abccbc85488ed95ca21bc179341ed0d143b
Size: 355KB
Sample: 220128-q5b1csebh9
MD5: 89a75d67af4afb298eff674b7c5516cd
SHA1: c420203d5c7c6de8e814d9386b42f2120bc82df2
SHA256: f693872b15d8946ad58cdbb6ed173abccbc85488ed95ca21bc179341ed0d143b
SHA512: 91c289a00ec9ca5a3889da5bcc9c063fb84cb9573450cec5eca2ffb44e957e4bcd25859fea881f4198446e1e542233108ff7c06368327d95bb2cf15c5463414c
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.