General
-
Target
6be42ed6a3afb09943ab02276160a0e1a86a1693f26d67a3d63bb6e0be20cf3f
-
Size
334KB
-
Sample
220117-rksm2sahgr
-
MD5
ecbd4c97c87ff2829d899c6089d3ac4c
-
SHA1
dbc5caec7e3973df9421016dddca03eb9f16c6d3
-
SHA256
6be42ed6a3afb09943ab02276160a0e1a86a1693f26d67a3d63bb6e0be20cf3f
-
SHA512
ce932a4cd8a8c28a685bf20112489db15a22524e20d1351b151e51694f6d00c74bc3c059f121ca7ae76e51a51e09dd07ed00926aa2161f07041c3428de7e4662
Static task
static1
Behavioral task
behavioral1
Sample
6be42ed6a3afb09943ab02276160a0e1a86a1693f26d67a3d63bb6e0be20cf3f.exe
Resource
win10-en-20211208
Malware Config
Extracted
arkei
homesteadr
http://homesteadr.link/ggate.php
Targets
Target
6be42ed6a3afb09943ab02276160a0e1a86a1693f26d67a3d63bb6e0be20cf3f
Score
10/10
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-