General
Target: 610c38b99bd73d11369eb7b075a34e78c4bf4b9bddec4d000a13ab5ee9c75fea
Size: 335KB
Sample: 220117-ncq8gaaaep
MD5: aaa50f2d919d970a7bf7d04d5cbb6ed7
SHA1: 611835bba0ce57b43df7118bc03c0ceacf7607a0
SHA256: 610c38b99bd73d11369eb7b075a34e78c4bf4b9bddec4d000a13ab5ee9c75fea
SHA512: acd99d5616120aa6b626f44e68adec32da3052544d971cb8e78cca3652836327a65d2144c1993814a2b3b4affaa263778a8b48bdd2eeee48c3f38fe52d36d197
Static task: static1
Behavioral task: behavioral1
Sample: 610c38b99bd73d11369eb7b075a34e78c4bf4b9bddec4d000a13ab5ee9c75fea.exe
Resource: win10-en-20211208
Malware Config
Extracted
arkei
homesteadr
http://homesteadr.link/ggate.php
Targets
Target: 610c38b99bd73d11369eb7b075a34e78c4bf4b9bddec4d000a13ab5ee9c75fea
Score: 10/10
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.