General
Target: c67d8630849687bd8aeb1079e2b5d564d9ada444f71a7087a285975a9ef0052e
Size: 300KB
Sample: 220130-nt5r7abcb2
MD5: 767897fe374dff44f478e5b339e07a50
SHA1: 761e7169a54504a7060fb26ab75ccc6c93d0fd25
SHA256: c67d8630849687bd8aeb1079e2b5d564d9ada444f71a7087a285975a9ef0052e
SHA512: 51fb266900b23769f60ebac9ae928a7b55f86dc6adbea8a383b5bfac7a8384e4a407291ccceaa02c238fe446dfff291af7679277080d5dc87971068d419af2d1
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Target
c67d8630849687bd8aeb1079e2b5d564d9ada444f71a7087a285975a9ef0052e
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.