General
Target: 04fa028c6556bf1f9985022ae180ee0e94ccc7b3ba961a0c741da46bf661ced1
Size: 351KB
Sample: 220129-k887dahban
MD5: b7c96517cdb53c959ad425ba33cc09e8
SHA1: d1dd7d63b7a20b2b5a27ffc7f3cb6643d7feb5fd
SHA256: 04fa028c6556bf1f9985022ae180ee0e94ccc7b3ba961a0c741da46bf661ced1
SHA512: 03d81d967ed18a555d6da72331cf840741cbfb05c91f59c5c983c34569e01e7ab029da17d156edf6f7d9663d850df73c236330da615b0ecdb46cf9ef4531f14d
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.