arkei | 5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
Size

334KB
Sample

220117-sm25yaaha2
MD5

1188bc52b0ec4e95fb03f5f29d7453f0
SHA1

effafe44d91cac9eb3774daac610a30ace6853a9
SHA256

5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
SHA512

27db249b046c1d53e37922b75423b0dd19d36593f918ed619c07ab994cdf5bcf73d229a127b14cf9a36cf9a264bcf53d265798924b589f734303847eb9dbec85

Score

10^/10

arkei homesteadr discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326.exe

Resource

win10-en-20211208

arkei homesteadr discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

homesteadr

C2

http://homesteadr.link/ggate.php

Targets

- Target
  
  5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
- Size
  
  334KB
- MD5
  
  1188bc52b0ec4e95fb03f5f29d7453f0
- SHA1
  
  effafe44d91cac9eb3774daac610a30ace6853a9
- SHA256
  
  5a694697d35ffe0c0f1f48d67b674b8de448fd217860240175c760c505dfd326
- SHA512
  
  27db249b046c1d53e37922b75423b0dd19d36593f918ed619c07ab994cdf5bcf73d229a127b14cf9a36cf9a264bcf53d265798924b589f734303847eb9dbec85
Score

10^/10

arkei homesteadr discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeihomesteadrdiscoveryspywarestealer

© 2018-2024

Terms | Privacy