General
Target: 5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
Size: 334KB
Sample: 220117-sm25yaaha2
MD5: 1188bc52b0ec4e95fb03f5f29d7453f0
SHA1: effafe44d91cac9eb3774daac610a30ace6853a9
SHA256: 5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
SHA512: 27db249b046c1d53e37922b75423b0dd19d36593f918ed619c07ab994cdf5bcf73d229a127b14cf9a36cf9a264bcf53d265798924b589f734303847eb9dbec85
Static task: static1
Behavioral task: behavioral1
Sample: 5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326.exe
Resource: win10-en-20211208
Malware Config
Extracted
Family: arkei
Botnet: homesteadr
C2: http://homesteadr.link/ggate.php
Targets
Target: 5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
Size: 334KB
MD5: 1188bc52b0ec4e95fb03f5f29d7453f0
SHA1: effafe44d91cac9eb3774daac610a30ace6853a9
SHA256: 5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
SHA512: 27db249b046c1d53e37922b75423b0dd19d36593f918ed619c07ab994cdf5bcf73d229a127b14cf9a36cf9a264bcf53d265798924b589f734303847eb9dbec85
Score: 10/10
Signatures:
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
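The report above is the kind of artifact an analyst turns into indicators and then hunts with. The following is an added example (not part of the sandbox report, nor tooling from the sandbox vendor) that parses the report's flattened "label / value" layout to pull out the file hashes, the extracted family name and the C2 URL, validates each hash against its expected length so a truncated value cannot become a bad indicator, and then matches the C2 host and gate path against a few constructed proxy log lines. The report excerpt embedded below is copied from this page; the proxy log lines, their column layout and the function names are assumptions made for the example.

```python
import re
from urllib.parse import urlparse

# Constructed input: the report's hash and config fields, copied from the page
# above in the same flattened "label / value / -" layout, so the parser has
# something to run on offline.
REPORT_TEXT = """
General
-
Target
5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
-
MD5
1188bc52b0ec4e95fb03f5f29d7453f0
-
SHA1
effafe44d91cac9eb3774daac610a30ace6853a9
-
SHA256
5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
-
SHA512
27db249b046c1d53e37922b75423b0dd19d36593f918ed619c07ab994cdf5bcf73d229a127b14cf9a36cf9a264bcf53d265798924b589f734303847eb9dbec85
Malware Config
Extracted
arkei
homesteadr
http://homesteadr.link/ggate.php
"""

# Hex digest length for each algorithm the report lists.
HASH_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}


def extract_iocs(text):
    """Pull hashes, the extracted family name and C2 URLs out of the report.

    Assumed layout (taken from the page above): a hash label is followed on
    the next line by its value, and the first line after 'Extracted' is the
    family name. Separator lines ('-') are dropped before pairing.
    """
    lines = [ln.strip() for ln in text.splitlines()]
    lines = [ln for ln in lines if ln and ln != "-"]
    iocs = {"hashes": {}, "family": None, "c2_urls": set()}
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if line in HASH_LENGTHS:
            value = nxt.lower()
            # Reject a value whose length does not fit the algorithm: a
            # truncated or mislabelled digest would otherwise become an IOC.
            if re.fullmatch(r"[0-9a-f]{%d}" % HASH_LENGTHS[line], value):
                iocs["hashes"][line] = value
        elif line == "Extracted" and nxt:
            iocs["family"] = nxt.lower()
        elif line.startswith(("http://", "https://")):
            iocs["c2_urls"].add(line)
    return iocs


def hunt_proxy_log(log_lines, c2_urls):
    """Match proxy log lines against the C2 URLs.

    Assumed (constructed) log layout: timestamp, client IP, method, URL,
    status, space separated. Host comparison is case-insensitive; a request
    to the exact gate path is reported as 'gate', any other request to the
    same host as 'host', since a stealer typically talks to more than one
    path on its C2 host.
    """
    targets = {}
    for url in c2_urls:
        u = urlparse(url)
        targets.setdefault((u.hostname or "").lower(), set()).add(u.path or "/")
    hits = []
    for raw in log_lines:
        parts = raw.split()
        if len(parts) < 5:
            continue  # malformed line: skip it rather than abort the hunt
        ts, client, method, url, _status = parts[:5]
        u = urlparse(url)
        host = (u.hostname or "").lower()
        if host not in targets:
            continue
        kind = "gate" if (u.path or "/") in targets[host] else "host"
        hits.append({"time": ts, "client": client, "method": method,
                     "url": url, "match": kind})
    return hits


# Constructed proxy log lines (not from the report): two gate check-ins, one
# other request to the C2 host with odd casing, and one unrelated request.
SAMPLE_LOG = [
    "2022-01-17T09:14:02Z 10.0.0.15 POST http://homesteadr.link/ggate.php 200",
    "2022-01-17T09:14:05Z 10.0.0.15 GET http://HOMESTEADR.LINK/update.bin 200",
    "2022-01-17T09:15:11Z 10.0.0.22 GET https://example.org/index.html 200",
    "2022-01-17T09:16:40Z 10.0.0.31 POST http://homesteadr.link/ggate.php 200",
]

if __name__ == "__main__":
    iocs = extract_iocs(REPORT_TEXT)
    print("family:", iocs["family"])
    for algo, value in iocs["hashes"].items():
        print(f"{algo}: {value}")
    for hit in hunt_proxy_log(SAMPLE_LOG, iocs["c2_urls"]):
        print(hit)
```

Running the block prints the four validated hashes, the family name and three hits: the two gate POSTs from 10.0.0.15 and 10.0.0.31 and the host-only match for the update.bin fetch. The host-level match is deliberate: blocking or alerting only on the exact gate path misses other traffic to the same C2 host.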