General
-
Target
bd3486e075b172b83321b895819f06bf7312cda2f24f41afb817bdfb9b3ad084
-
Size
309KB
-
Sample
220131-317yfseda2
-
MD5
51333d00f617296e7cfaf04324665f0d
-
SHA1
ae9be7d2eadd0cded786eb7c77947a0b85532a49
-
SHA256
bd3486e075b172b83321b895819f06bf7312cda2f24f41afb817bdfb9b3ad084
-
SHA512
35271794bf12cad569bf46710885fc0e0bbf4e1e36503fe0b2f7f76f47d883a56f64e7a6eb4b3470c2568b32ffdca090b3867aa5fd108922d717ec2a9183cd4a
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.