General
Target: daba39751adfa70493d869e6d99234021566da061f0e560b0b3069d4b0c7016b
Size: 305KB
Sample: 220118-tqbmtscaa3
MD5: 52b59a2e4054095d5819b244df2520b0
SHA1: bc800f1c66e24e019457961068e6280b67566899
SHA256: daba39751adfa70493d869e6d99234021566da061f0e560b0b3069d4b0c7016b
SHA512: b7bcd7902dabc2b7c4cf056df0637f1d62126876ddb1bfb319e6dd7700215ce72fb92063563319cd15a4b8930701d434817c02ce1d771f1f239fcca3638192e8
Static task: static1
Behavioral task: behavioral1
Sample: daba39751adfa70493d869e6d99234021566da061f0e560b0b3069d4b0c7016b.exe
Resource: win10-en-20211208
Malware Config
Extracted
Family: arkei
Botnet: homesteadr
C2: http://homesteadr.link/ggate.php
Targets
Target: daba39751adfa70493d869e6d99234021566da061f0e560b0b3069d4b0c7016b
Score: 10/10
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.
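The two behavioural signatures above (Uninstall-key enumeration and wallet file access) are the kind of thing an analyst reproduces as rules over a per-process API trace. The block below is an added example and is not code from the sandbox or from the Arkei sample; the trace format (tab-separated key=value fields), the list of API names watched, the wallet paths matched and the sample trace lines are all constructed for the example. The Uninstall-key rule counts distinct product subkeys per process, so a single open by an installer stays below the threshold while a stealer walking the whole hive (HKLM, HKCU and the WOW6432Node view) does not.

```python
"""Behavioural rules over a per-process API trace, covering two of the report's
signatures: bulk enumeration of the registry Uninstall keys and access to
cryptocurrency wallet files. Added example; not the sandbox's or Arkei's code.
The trace format (tab-separated key=value fields), the API names watched and
the sample lines are constructed for this example."""
import re
from collections import defaultdict

# Uninstall key roots: HKLM and HKCU, native and WOW6432Node views.
# Group 1 is the per-product subkey (a GUID or product name).
UNINSTALL_RE = re.compile(
    r"^(?:HKLM|HKEY_LOCAL_MACHINE|HKCU|HKEY_CURRENT_USER)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)
REG_APIS = {"RegOpenKeyExA", "RegOpenKeyExW", "RegEnumKeyExA", "RegEnumKeyExW",
            "RegQueryValueExA", "RegQueryValueExW"}

# Assumed, illustrative wallet locations; extend with the wallets you care about.
WALLET_RE = re.compile(
    r"\\Electrum\\wallets\\|\\Exodus\\exodus\.wallet|\\Ethereum\\keystore\\|\\wallet\.dat$",
    re.IGNORECASE,
)
FILE_APIS = {"CreateFileA", "CreateFileW", "NtCreateFile", "NtOpenFile", "CopyFileW"}


def parse_trace(text):
    """Parse tab-separated 'key=value' lines into dicts; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        fields = dict(f.split("=", 1) for f in line.split("\t") if "=" in f)
        if {"pid", "image", "api", "target"} <= fields.keys():
            events.append(fields)
    return events


def uninstall_enumeration(events, threshold=5):
    """Map (pid, image) -> number of distinct Uninstall subkeys touched, for
    processes at or above the threshold. Subkeys are deduplicated, so reading
    several values under one product key counts once."""
    seen = defaultdict(set)
    for ev in events:
        if ev["api"] not in REG_APIS:
            continue
        m = UNINSTALL_RE.match(ev["target"])
        if m:
            seen[(ev["pid"], ev["image"])].add(m.group(1).lower())
    return {k: len(v) for k, v in seen.items() if len(v) >= threshold}


def wallet_access(events):
    """(pid, image, target) for every file API call on a wallet path."""
    return [(ev["pid"], ev["image"], ev["target"])
            for ev in events
            if ev["api"] in FILE_APIS and WALLET_RE.search(ev["target"])]


def _ev(pid, image, api, target):
    return f"pid={pid}\timage={image}\tapi={api}\ttarget={target}"


# Constructed trace: the sample walking the Uninstall hive and opening wallets,
# next to an installer and Explorer doing ordinary work.
SAMPLE = r"C:\Users\admin\AppData\Local\Temp\daba39751adfa70493d869e6d99234021566da061f0e560b0b3069d4b0c7016b.exe"
UNINST = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
SAMPLE_TRACE = "\n".join([
    _ev(4132, SAMPLE, "RegOpenKeyExW", UNINST + r"\{0A1B2C3D-0001}"),
    _ev(4132, SAMPLE, "RegQueryValueExW", UNINST + r"\{0A1B2C3D-0001}\DisplayName"),
    _ev(4132, SAMPLE, "RegOpenKeyExW", UNINST + r"\{0A1B2C3D-0002}"),
    _ev(4132, SAMPLE, "RegOpenKeyExW", UNINST + r"\{0A1B2C3D-0003}"),
    _ev(4132, SAMPLE, "RegOpenKeyExW", UNINST + r"\Google Chrome"),
    _ev(4132, SAMPLE, "RegOpenKeyExW", r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"),
    _ev(4132, SAMPLE, "RegOpenKeyExW", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord"),
    _ev(4132, SAMPLE, "CreateFileW", r"C:\Users\admin\AppData\Roaming\Electrum\wallets\default_wallet"),
    _ev(4132, SAMPLE, "CreateFileW", r"C:\Users\admin\AppData\Roaming\Bitcoin\wallet.dat"),
    _ev(2208, r"C:\Windows\System32\msiexec.exe", "RegOpenKeyExW", UNINST + r"\{0A1B2C3D-0009}"),
    _ev(1044, r"C:\Windows\explorer.exe", "CreateFileW", r"C:\Users\admin\Desktop\notes.txt"),
])


def analyse(text=SAMPLE_TRACE):
    """Run both rules over a trace and return their hits."""
    events = parse_trace(text)
    return {"uninstall_enum": uninstall_enumeration(events),
            "wallet_access": wallet_access(events)}


if __name__ == "__main__":
    for name, hits in analyse().items():
        print(name, hits)
```

On the constructed trace the sample process is flagged with six distinct Uninstall subkeys and two wallet opens, while msiexec (one subkey) and explorer (no wallet path) produce no hits. The threshold is the tuning knob: raise it on hosts where inventory agents legitimately walk the hive, and feed the rule from whatever source actually records key opens (a sandbox API monitor or registry object-access auditing, not Sysmon, which does not log key reads).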