General
Target: 6cab2a11a2da8d68688e2312222fb60b3bf5de6a77a9bd945331b4d72b7938b1
Size: 266KB
Sample: 220131-em1efsfdb2
MD5: 92e8a29ad8c7b2e38fa032ba88295dbd
SHA1: 78b1e1f919f2a41f9a42e5970dafbea17e69707d
SHA256: 6cab2a11a2da8d68688e2312222fb60b3bf5de6a77a9bd945331b4d72b7938b1
SHA512: cc01ba9ca099440f3e4ad8e9cdbbeafcc4d71756474039592d5bc2b75463dac9029afcf206a63b550968568f73769d5c0690a864ee7cbb3afa5e7305892239b3
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.