General
Target: 1122a61a5438c076268e09fd94745ca392f55a9612e72c9ebc08aaac0b9d792b
Size: 324KB
Sample: 220130-e6zl9sffg6
MD5: bd65e4209cc5861795567ce18cd375fa
SHA1: 38b4827b1c8193d6786b2af93a5972c9073b2012
SHA256: 1122a61a5438c076268e09fd94745ca392f55a9612e72c9ebc08aaac0b9d792b
SHA512: fe6a6b153ee25618fff8c96a7b2b18185b68f1491c54c60b7a80de7f98c920cf3cefc4d8125067b2b39829eb0cbb6516dca1b1e7115da011bd2adbb39591e452
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-