General
-
Target
malware_sample_1.bin
-
Size
6.5MB
-
Sample
231224-h1stbaadan
-
MD5
a32eeaba767a13b7e0393ba3d2d321a2
-
SHA1
5d32333358d94655c5da06febe2d4a90c41130c6
-
SHA256
f651132897ef5dacc40ea8f34d3427003e119685b6bed93ed4a411f84f4795d0
-
SHA512
b392db6153b4f5a553d7e85f414be59e219ad9d18fdf44fd90b6b97f0bbfd92376ccc2eb96be47e865c27474447e71401bb594b679a14a6e38bd6da1ec0e2ee7
-
SSDEEP
98304:pH7CgqLPRPYv7cZuwYx72XPo0+Xv6zV470d7pz7dTH3OHMNsZlQUafCyr3Ey6Nh1:d+gqLKB2pscuopz7dTeNmfCyk+2OPhi
Malware Config
Extracted
arkei
Default
185.215.113.39/7vlcKuayFx.php
Targets
-
-
Target
malware_sample_1.bin
-
Size
6.5MB
-
MD5
a32eeaba767a13b7e0393ba3d2d321a2
-
SHA1
5d32333358d94655c5da06febe2d4a90c41130c6
-
SHA256
f651132897ef5dacc40ea8f34d3427003e119685b6bed93ed4a411f84f4795d0
-
SHA512
b392db6153b4f5a553d7e85f414be59e219ad9d18fdf44fd90b6b97f0bbfd92376ccc2eb96be47e865c27474447e71401bb594b679a14a6e38bd6da1ec0e2ee7
-
SSDEEP
98304:pH7CgqLPRPYv7cZuwYx72XPo0+Xv6zV470d7pz7dTH3OHMNsZlQUafCyr3Ey6Nh1:d+gqLKB2pscuopz7dTeNmfCyk+2OPhi
Score10/10-
Arkei
Arkei is an infostealer written in C++.
-
Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
-
Babadeda Crypter
-
Executes dropped EXE
-
Loads dropped DLL
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-