General

  • Target

    null

  • Size

    343KB

  • Sample

    220101-q66w5ahfg9

  • MD5

    0c9fbe2b8445f43a1407508f609a65c5

  • SHA1

    10dc04753f38e7e6050deff40a6a021e66211010

  • SHA256

    64a44191e52ba66f1a7c4e35a2911d0aadda5f4678f513fa6d1a8a1dfa3c910e

  • SHA512

    fe22b9ae47bef7d9e3e35e805dbbe1e99c0880770d018d224574930da1343770d758c342242caa8a0347329c73230a5e5808788a05abdd07eb1ebf0dd1600253

Malware Config

Extracted

Family

arkei

Botnet

homesteadr

C2

http://homesteadr.link/ggate.php

Targets

    • Arkei

      Arkei is an infostealer written in C++.

    • Arkei Stealer Payload

    • Downloads MZ/PE file

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6
