arkei | 7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec
Size

300KB
Sample

220118-3r6zsseab7
MD5

f4e3dd57654a5f44ea0a3dcb76dc2318
SHA1

745864540d8636ebdb6ef57ae3fcd6a8de62d55a
SHA256

7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec
SHA512

70945ad461bf4f68f356a813bfbcaf0592755f67b57c7e2c5bf7fe8b3cd26da5faaed3b5ba7e54b8910bcffef14f242c84f8d575d9b3ed515fb43ec5e773d597

Score

10^/10

arkei homesteadr discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec.exe

Resource

win10-en-20211208

arkei homesteadr discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

homesteadr

C2

http://homesteadr.link/ggate.php

Targets

- Target
  
  7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec
- Size
  
  300KB
- MD5
  
  f4e3dd57654a5f44ea0a3dcb76dc2318
- SHA1
  
  745864540d8636ebdb6ef57ae3fcd6a8de62d55a
- SHA256
  
  7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec
- SHA512
  
  70945ad461bf4f68f356a813bfbcaf0592755f67b57c7e2c5bf7fe8b3cd26da5faaed3b5ba7e54b8910bcffef14f242c84f8d575d9b3ed515fb43ec5e773d597
Score

10^/10

arkei homesteadr discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeihomesteadrdiscoveryspywarestealer

© 2018-2024

Terms | Privacy