General
-
Target
7f99c7b1447a685806a792c1ea92ea290f52e75b6640fa0cc5850558297c39ab
-
Size
323KB
-
Sample
220129-y4f7paheg3
-
MD5
d4f1bd0e888db88770786649a476b1ea
-
SHA1
a350f591edb23111ef0e89dec5eb240c00744542
-
SHA256
7f99c7b1447a685806a792c1ea92ea290f52e75b6640fa0cc5850558297c39ab
-
SHA512
8fffb5dbf5d4d7a339ddf73024c2273c151b73e97d942b72a238ea69afae4f44436fbd1179c49bea836a5750fd653871ba6f49c02a0f7cdf12a56ce6017c5734
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
-
-
Target
7f99c7b1447a685806a792c1ea92ea290f52e75b6640fa0cc5850558297c39ab
-
Size
323KB
-
MD5
d4f1bd0e888db88770786649a476b1ea
-
SHA1
a350f591edb23111ef0e89dec5eb240c00744542
-
SHA256
7f99c7b1447a685806a792c1ea92ea290f52e75b6640fa0cc5850558297c39ab
-
SHA512
8fffb5dbf5d4d7a339ddf73024c2273c151b73e97d942b72a238ea69afae4f44436fbd1179c49bea836a5750fd653871ba6f49c02a0f7cdf12a56ce6017c5734
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-