General
Target: cc0445fb1543b87407d2b01cc2f74ab16b465f41f309ab741d108b4472070ef3
Size: 350KB
Sample: 220129-nf88fsacen
MD5: 4f01e91b04ae5c731e6bf40f63a3b3a0
SHA1: 16e01fb104f7cf0dc97c2dc4e3b4cab483ebd3b2
SHA256: cc0445fb1543b87407d2b01cc2f74ab16b465f41f309ab741d108b4472070ef3
SHA512: a6f86d382e015ef37251fc5671ebbf15738f43f3c749f152ff3f537611b4d298c0e5e0e7c3fed7b60b8c6b56f99aa59f7683a3181fffed167911093820028aec
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.