Extracted

• • Target

    malware_sample_1.bin

  • Size

    6.5MB

  • MD5

    a32eeaba767a13b7e0393ba3d2d321a2

  • SHA1

    5d32333358d94655c5da06febe2d4a90c41130c6

  • SHA256

    f651132897ef5dacc40ea8f34d3427003e119685b6bed93ed4a411f84f4795d0

  • SHA512

    b392db6153b4f5a553d7e85f414be59e219ad9d18fdf44fd90b6b97f0bbfd92376ccc2eb96be47e865c27474447e71401bb594b679a14a6e38bd6da1ec0e2ee7

  • SSDEEP

    98304:pH7CgqLPRPYv7cZuwYx72XPo0+Xv6zV470d7pz7dTH3OHMNsZlQUafCyr3Ey6Nh1:d+gqLKB2pscuopz7dTeNmfCyk+2OPhi

  Score

  10^/10

  arkeibabadedadefaultcrypterloaderstealer

  • Arkei

    Arkei is an infostealer written in C++.

    stealerarkei

  • Babadeda

    Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.

    loadercrypterbabadeda

  • Babadeda Crypter

  • Executes dropped EXE

  • Loads dropped DLL

  • Blocklisted process makes network request

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2