General
-
Target
e069ce2651bc7095e62c6a919fee34c696eb76995b5ef58d5311d89218847fd0
-
Size
312KB
-
Sample
220201-p2gk1ahbd9
-
MD5
b0bbaf3e1970109f616a5681c4db46a5
-
SHA1
4409a2fd3c5009f48d109f33e9a9d55e8b7ac991
-
SHA256
e069ce2651bc7095e62c6a919fee34c696eb76995b5ef58d5311d89218847fd0
-
SHA512
85bea639e018813494d9d9cddc6ee4aa22019266563efaea707f4d86abf5557abc3f63a1c6480884d705e0cc4958ee568207d7e1623d6b94048eaaecd52cbd71
Static task
static1
Malware Config
Extracted
arkei
Default
http://coin-file-file-19.com/tratata.php
Targets
-
-
Target
e069ce2651bc7095e62c6a919fee34c696eb76995b5ef58d5311d89218847fd0
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-