General

Target: 61c7908ba5cb2fca5b0e24b646c46e94.exe
Size: 306KB
Sample: 220118-w2nsmscedm
MD5: 61c7908ba5cb2fca5b0e24b646c46e94
SHA1: 61338a93574b9208586254caa4ad79f99d4e2a32
SHA256: 39d0842cd4309ea2140bd8f4cffd0af9fe686e8262ac7430933b8f6b9445a137
SHA512: 3399c0859af3593d3355a7abb64e9d6630746b881564be4c12c5cb7b33682b45d35f0370f8d4ed115d5dc4b17b8dc568bc7c4419a9b751ebb4b9a1e533ae210a
Static task: static1

Behavioral task: behavioral1
Sample: 61c7908ba5cb2fca5b0e24b646c46e94.exe
Resource: win7-en-20211208

Behavioral task: behavioral2
Sample: 61c7908ba5cb2fca5b0e24b646c46e94.exe
Resource: win10v2004-en-20220113
Malware Config

Extracted
Family: arkei
Botnet: homesteadr
C2: http://homesteadr.link/ggate.php
Targets

Target: 61c7908ba5cb2fca5b0e24b646c46e94.exe
Size: 306KB
MD5: 61c7908ba5cb2fca5b0e24b646c46e94
SHA1: 61338a93574b9208586254caa4ad79f99d4e2a32
SHA256: 39d0842cd4309ea2140bd8f4cffd0af9fe686e8262ac7430933b8f6b9445a137
SHA512: 3399c0859af3593d3355a7abb64e9d6630746b881564be4c12c5cb7b33682b45d35f0370f8d4ed115d5dc4b17b8dc568bc7c4419a9b751ebb4b9a1e533ae210a
Score: 10/10
Signatures

- Arkei Stealer Payload
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
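The two things an analyst does with a report like this are confirm that the file in hand is the sample that was analysed (all four digests under General) and sweep proxy and DNS logs for the C2 extracted from the Arkei config. The script below is an added example, not output of the sandbox or code from the sample; the indicator values are copied from the sections above, the log line format and the SAMPLE_LOG entries are constructed for the example, and the host-boundary regex is this example's own choice (the report supports matching the full URL and its host, so the /ggate.php path alone is deliberately not treated as an indicator).

```python
"""Indicator checks for the Arkei sample in this report (added example).

Confirms a file on disk is the reported sample by recomputing every digest the
report lists, and flags log lines that reference the extracted C2 host. The log
lines in SAMPLE_LOG are constructed for the example, not captured traffic.
"""
import hashlib
import re
from urllib.parse import urlsplit

# Values copied from the General and Malware Config sections of the report.
REPORTED_HASHES = {
    "md5": "61c7908ba5cb2fca5b0e24b646c46e94",
    "sha1": "61338a93574b9208586254caa4ad79f99d4e2a32",
    "sha256": "39d0842cd4309ea2140bd8f4cffd0af9fe686e8262ac7430933b8f6b9445a137",
    "sha512": "3399c0859af3593d3355a7abb64e9d6630746b881564be4c12c5cb7b33682b45d3"
              "5f0370f8d4ed115d5dc4b17b8dc568bc7c4419a9b751ebb4b9a1e533ae210a",
}
C2_URL = "http://homesteadr.link/ggate.php"
C2_HOST = urlsplit(C2_URL).hostname  # "homesteadr.link"

# Match the C2 host as a whole name: not the tail of a longer label on the left
# (nothomesteadr.link) and not the parent of a longer name on the right
# (homesteadr.link.example.org). A trailing FQDN dot is still accepted.
_C2_HOST_RE = re.compile(
    r"(?<![\w.-])" + re.escape(C2_HOST) + r"(?![\w-]|\.\w)", re.IGNORECASE
)


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of `data`, keyed like the report."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORTED_HASHES}


def hash_file(path: str) -> dict:
    """Same digests for a file on disk, streamed so a large sample is not read at once."""
    hashers = {algo: hashlib.new(algo) for algo in REPORTED_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def compare_hashes(digests: dict, expected: dict = REPORTED_HASHES) -> list:
    """Return the algorithms whose digest differs from `expected`.

    An empty list means the file is byte-identical to the analysed sample; any
    single mismatch means it is a different file, whatever the other digests say.
    """
    return [algo for algo, value in expected.items()
            if digests.get(algo, "").lower() != value.lower()]


def match_c2(log_lines) -> list:
    """Return 1-based indices of lines that reference the C2 host.

    Only the exact host from the report is matched. The /ggate.php path on its
    own is not used, because the page supports only the full URL as an indicator.
    """
    return [i for i, line in enumerate(log_lines, start=1) if _C2_HOST_RE.search(line)]


# Constructed proxy/DNS lines for the example (not from the sandbox run).
SAMPLE_LOG = [
    "2022-01-18T12:00:01Z proxy 10.0.0.5 POST http://homesteadr.link/ggate.php 200 1843",
    "2022-01-18T12:00:01Z dns 10.0.0.5 query A homesteadr.link",
    "2022-01-18T12:00:02Z proxy 10.0.0.7 GET https://example.com/ 200 512",
    "2022-01-18T12:00:03Z proxy 10.0.0.9 GET http://nothomesteadr.link/ 200 50",
    "2022-01-18T12:00:04Z proxy 10.0.0.9 GET http://homesteadr.link.example.org/ 200 50",
    "2022-01-18T12:00:05Z proxy 10.0.0.11 POST http://cdn.example.net/ggate.php 200 77",
]

if __name__ == "__main__":
    import sys
    print("C2 hits in SAMPLE_LOG:", match_c2(SAMPLE_LOG))  # [1, 2]
    if len(sys.argv) > 1:
        bad = compare_hashes(hash_file(sys.argv[1]))
        print("matches report" if not bad else "differs on: " + ", ".join(bad))
```

Run it with the path to a candidate file to check it against the report; lines 4 to 6 of the constructed log show the three false-positive shapes the matcher is written to reject (a longer label sharing the suffix, a subdomain-style child name, and the gate path on an unrelated host).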