General
Target: 436f7ca14f861d6e30aa8bb48aaa9150c213cbfdb61f34b323ef15e80856d85a
Size: 326KB
Sample: 220118-jv6nnaabg7
MD5: e003e3eb86cdbc6cf21f43f01162c453
SHA1: 296413c4635ba66f240af1fbf9f89f445529ab65
SHA256: 436f7ca14f861d6e30aa8bb48aaa9150c213cbfdb61f34b323ef15e80856d85a
SHA512: 0f0b908fe9f44b4a0dc5028ee637f1c6c78e356b118253a4bb689c40fe18921722884a3e25f8b00725ef73e77f5b4d221e292cd66f2a96ee6ae5628f98d6f832
Static task: static1
Behavioral task: behavioral1
Sample: 436f7ca14f861d6e30aa8bb48aaa9150c213cbfdb61f34b323ef15e80856d85a.exe
Resource: win10-en-20211208
Malware Config
Extracted
arkei
homesteadr
http://homesteadr.link/ggate.php
Targets
Score: 10/10
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.