General
Target: 202e658b7fa7c53bcf6ef381953b7996b3b3c46d3a9c32fc477126f7f26df0eb
Size: 247KB
Sample: 220131-ynzzvsbgg4
MD5: 57b7c8d79a09b3e5ecd23aca506fffa0
SHA1: b8fbd9561a11f230d1622cb40affc5037577a6ef
SHA256: 202e658b7fa7c53bcf6ef381953b7996b3b3c46d3a9c32fc477126f7f26df0eb
SHA512: 7573d8a4514e9ff6ac3eb5e57335cdb5591b9feb8b9405dcd0744053efff4369693465d4cb5e400936c97fac6fbeb1f3fe9cc73d4139a4e33d3d542bed0cb9d6
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.