General

Target: 5d0a9c2874aa124ccaf2e6c0f365fc424a19a63b8ca79a71aad7522baf013ee2
Size: 307KB
Sample: 220118-qs1sysbda8
MD5: 519d9edff24b60f6a4e14f5dbc0c98dd
SHA1: 3a8b9d09251b52c0535de0aa6fb129f6b79ba1b1
SHA256: 5d0a9c2874aa124ccaf2e6c0f365fc424a19a63b8ca79a71aad7522baf013ee2
SHA512: 449e3a9d1e84c4d2bd909014da4f90881f4890af512c6eed4f0da27c7668dfc913677bd7d14cd27c137fb620d9961add51aeee129734152e3e3dc83b959ea7f1

Static task: static1
Behavioral task: behavioral1
Sample: 5d0a9c2874aa124ccaf2e6c0f365fc424a19a63b8ca79a71aad7522baf013ee2.exe
Resource: win10-en-20211208

Malware Config

Extracted
- arkei
- homesteadr
- http://homesteadr.link/ggate.php

Targets

Target: 5d0a9c2874aa124ccaf2e6c0f365fc424a19a63b8ca79a71aad7522baf013ee2
Size: 307KB
MD5: 519d9edff24b60f6a4e14f5dbc0c98dd
SHA1: 3a8b9d09251b52c0535de0aa6fb129f6b79ba1b1
SHA256: 5d0a9c2874aa124ccaf2e6c0f365fc424a19a63b8ca79a71aad7522baf013ee2
SHA512: 449e3a9d1e84c4d2bd909014da4f90881f4890af512c6eed4f0da27c7668dfc913677bd7d14cd27c137fb620d9961add51aeee129734152e3e3dc83b959ea7f1
Score: 10/10

- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.