General
- Target: 8a5429f7e1423b0b4defee3fff4d6fbb441ed36af2183dc8aa1e819caaa01d33
- Size: 301KB
- Sample: 220118-wmamgacdgl
- MD5: 2b94493fdc403a0ae4b69dc8beccb6da
- SHA1: 39d03e8eae8240e7b862eae246c81650b1d6915b
- SHA256: 8a5429f7e1423b0b4defee3fff4d6fbb441ed36af2183dc8aa1e819caaa01d33
- SHA512: 0c5dc33d2aa3d1f5b948f35e629e97020d3e5730a508892436937501f9d6befb71d60e708ad00f8b5c55b89cd0c38b26acd3fb92c45d486be1cd719459202502
Static task: static1
Behavioral task: behavioral1
- Sample: 8a5429f7e1423b0b4defee3fff4d6fbb441ed36af2183dc8aa1e819caaa01d33.exe
- Resource: win10-en-20211208

Malware Config
Extracted:
- arkei
- homesteadr
- http://homesteadr.link/ggate.php
Targets
- Target: 8a5429f7e1423b0b4defee3fff4d6fbb441ed36af2183dc8aa1e819caaa01d33
- Size: 301KB
- MD5: 2b94493fdc403a0ae4b69dc8beccb6da
- SHA1: 39d03e8eae8240e7b862eae246c81650b1d6915b
- SHA256: 8a5429f7e1423b0b4defee3fff4d6fbb441ed36af2183dc8aa1e819caaa01d33
- SHA512: 0c5dc33d2aa3d1f5b948f35e629e97020d3e5730a508892436937501f9d6befb71d60e708ad00f8b5c55b89cd0c38b26acd3fb92c45d486be1cd719459202502
- Score: 10/10

Signatures
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.