General
Target: 7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec
Size: 300KB
Sample: 220118-3r6zsseab7
MD5: f4e3dd57654a5f44ea0a3dcb76dc2318
SHA1: 745864540d8636ebdb6ef57ae3fcd6a8de62d55a
SHA256: 7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec
SHA512: 70945ad461bf4f68f356a813bfbcaf0592755f67b57c7e2c5bf7fe8b3cd26da5faaed3b5ba7e54b8910bcffef14f242c84f8d575d9b3ed515fb43ec5e773d597
Static task: static1
Behavioral task: behavioral1
Sample: 7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec.exe
Resource: win10-en-20211208
Malware Config
Extracted
Family: arkei
Botnet: homesteadr
C2: http://homesteadr.link/ggate.php
Targets
Target: 7dc608b2ed8df7e31c1926b1270b619aa58396d43c451a73f85eb8e04ccb49ec (the same file as under General: 300KB, identical MD5, SHA1, SHA256 and SHA512)
Score: 10/10
Signatures:
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
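The signatures above describe behaviour rather than fixed indicators, so an analyst who wants to catch the same pattern in an EDR trace or another sandbox's log needs them as rules. The Python below is an added example, not part of this report or of any sandbox's own code: it runs simple versions of four of the listed signatures plus a C2 check over constructed process-event records. The event schema, the wallet-path list and the sample events are assumptions made for illustration; the only value taken from the report is the C2 URL http://homesteadr.link/ggate.php.

```python
"""Behaviour-based triage over process events (added example, not from the report).
Event schema, wallet paths and SAMPLE_EVENTS are constructed assumptions; only
REPORT_C2 is taken from the report's extracted Arkei config."""
import re
from urllib.parse import urlparse

REPORT_C2 = "http://homesteadr.link/ggate.php"

# Registry keys enumerated to list installed software ("Checks installed software").
# The Wow6432Node variant covers 32-bit applications on 64-bit Windows.
UNINSTALL_KEY_RE = re.compile(
    r"^HK(?:LM|EY_LOCAL_MACHINE)\\SOFTWARE\\(?:Wow6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)

# Wallet locations commonly targeted by stealers. Assumption: an illustrative
# list, not the set this sample touched.
WALLET_PATH_RE = re.compile(
    r"\\(?:Electrum|Exodus|Ethereum\\keystore|Bitcoin\\wallets|Monero)(?:\\|$)",
    re.IGNORECASE,
)


def same_c2(url, reference=REPORT_C2):
    """True when url hits the reference gate: same host and same path, ignoring
    case and query string, so a ?id= suffix or upper-cased host still matches."""
    a, b = urlparse(url), urlparse(reference)
    return a.hostname == b.hostname and a.path.lower() == b.path.lower()


def match_signatures(events):
    """Return {signature_name: [evidence, ...]} over events in the order they
    occurred. 'Loads dropped DLL' is stateful: it only fires for an image load
    whose path this process wrote earlier, so system DLLs never match."""
    hits = {}
    written = set()  # lower-cased paths this process has written so far

    def add(name, evidence):
        hits.setdefault(name, []).append(evidence)

    for ev in events:
        kind = ev["type"]
        if kind == "reg_query" and UNINSTALL_KEY_RE.search(ev["key"]):
            add("Checks installed software on the system", ev["key"])
        elif kind == "file_write":
            written.add(ev["path"].lower())
        elif kind == "file_read" and WALLET_PATH_RE.search(ev["path"]):
            add("Accesses cryptocurrency files/wallets", ev["path"])
        elif kind == "load_image":
            path = ev["path"].lower()
            if path.endswith(".dll") and path in written:
                add("Loads dropped DLL", ev["path"])
        elif kind == "http":
            # A response body starting with the DOS header 'MZ' is a PE download.
            if ev.get("response_prefix", b"")[:2] == b"MZ":
                add("Downloads MZ/PE file", ev["url"])
            if same_c2(ev["url"]):
                add("Contacts Arkei C2 from extracted config", ev["url"])
    return hits


def summarize(events):
    """Sorted signature names, for a one-line verdict."""
    return sorted(match_signatures(events))


# Constructed trace (not from the report) exercising every rule once or twice.
SAMPLE_EVENTS = [
    {"type": "reg_query", "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    {"type": "reg_query", "key": r"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"type": "file_read", "path": r"C:\Users\victim\AppData\Roaming\Electrum\wallets\default_wallet"},
    {"type": "file_read", "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\profiles.ini"},
    {"type": "http", "method": "GET", "url": "http://example.invalid/helper.dll", "response_prefix": b"MZ\x90\x00"},
    {"type": "file_write", "path": r"C:\ProgramData\helper.dll"},
    {"type": "load_image", "path": r"C:\ProgramData\helper.dll"},
    {"type": "http", "method": "POST", "url": "http://homesteadr.link/ggate.php", "response_prefix": b"ok"},
]

if __name__ == "__main__":
    for name, evidence in match_signatures(SAMPLE_EVENTS).items():
        print(f"{name}: {evidence}")
```

The dropped-DLL rule is the one worth copying: an image load on its own is noise, and only the correlation with an earlier write by the same process turns it into the report's signature. The Uninstall-key rule accepts both the native and the Wow6432Node hive paths, since a 32-bit stealer on 64-bit Windows is redirected to the latter.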