General
Target: 75d951dda5a49ccc2fdbc7053f2d11b4a3730d82aa085d7e820f135a8db6b781
Size: 307KB
Sample: 220118-qhqj8sbce5
MD5: a434d44650dd34e0abb48ce92045084d
SHA1: 26a8fad3c19efc8fedea7de1f54b0cbb82bd40b3
SHA256: 75d951dda5a49ccc2fdbc7053f2d11b4a3730d82aa085d7e820f135a8db6b781
SHA512: af6c720b062d88fc8c85596fcedfba92de8a27b13f7124a7c7051596063c75e4c955d1a5e453d3e7b3eb0af866467be41f9f8b99c9d71b356bd0ceb74d29ade0
Static task: static1
Behavioral task: behavioral1
Sample: 75d951dda5a49ccc2fdbc7053f2d11b4a3730d82aa085d7e820f135a8db6b781.exe
Resource: win10-en-20211208
Malware Config
Extracted:
- arkei
- homesteadr
- http://homesteadr.link/ggate.php
Targets
Score: 10/10
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.