Extracted

• • Target

    MIXONE.file

  • Size

    268KB

  • MD5

    27dc719db81a482a554dfa94992c53fe

  • SHA1

    61ab59cc71f745afa1c4668ffba8253b4b2b52d6

  • SHA256

    90c0e76b7fee7b989428081fb1a754f45c3c0bee42131a03dbb1450d370dd793

  • SHA512

    9ef986d23b4b9a3dc7d4eb0f1c5f819fb41938df35c512ec57fdfda49be2c58a7ad503165f3475d93f470b2bbd1afc1bddff56ba2139f3706643b01056514c95

  Score

  10^/10

  arkeidefaultdiscoveryspywarestealersuricata

  • Arkei

    Arkei is an infostealer written in C++.

    stealerarkei

  • suricata: ET MALWARE Win32/Vidar Variant/Mars CnC Activity (GET)

    suricata: ET MALWARE Win32/Vidar Variant/Mars CnC Activity (GET)

    suricata

  • suricata: ET MALWARE Win32/Vidar Variant/Mars Stealer CnC Exfil

    suricata: ET MALWARE Win32/Vidar Variant/Mars Stealer CnC Exfil

    suricata

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2