General
Target: 931d5204f4ecb12169b298e0e61c63c4f8282c3775f9270044e9be8ede19abcc
Size: 300KB
Sample: 220130-mb5h2aafb6
MD5: 1803701bd6993d368e773d642685b50d
SHA1: 6b1cd4eda9872b024b366750f37efac0e6faaa90
SHA256: 931d5204f4ecb12169b298e0e61c63c4f8282c3775f9270044e9be8ede19abcc
SHA512: 5124973050b4096b6b96eeec3af00bca8e5883136090df908bba4b186f07feed8752d144df84fcfb1c67e9a55271b2eb80b65ae2aa650671571fc29605d5b3ca
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.