General
Target: 4332372a32930b7d8a70c564de7e40ba38dccffc1364028f35d39099c19d161a
Size: 309KB
Sample: 220201-ekv2ysghf5
MD5: b6288f6bc801df7b2d2dec5bf5c2cfa1
SHA1: 53e7e804a065fa7f55fa435164430d28f5033b2e
SHA256: 4332372a32930b7d8a70c564de7e40ba38dccffc1364028f35d39099c19d161a
SHA512: 196979b7f4c2f962a46504263ad5d29d52beb015484d0bc15e9059af58a0441d30f2730770de5e81b8792e79da41ab8c108ff8f24e23f79a043ed8820d2ea790
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.