General
Target: b61a7d42c05513e8b2b44fd852d1a1a9ec354cf10dba1f9adfcc6e74bf42970c
Size: 302KB
Sample: 220118-xyb54scff4
MD5: 6ae028524c1af780e20967c1e048f9fc
SHA1: c6a34d2aec9481ceb50134ed4b18800359641bdc
SHA256: b61a7d42c05513e8b2b44fd852d1a1a9ec354cf10dba1f9adfcc6e74bf42970c
SHA512: c52b6cd12122c823e56aa5316af02368c73f7eda59e299f3c36cf0bd8be8fdd9ee489d066d7368d9d92315240190ae8411a61269e5cff60e06383da5d34a2bee
Static task: static1
Behavioral task: behavioral1
Sample: b61a7d42c05513e8b2b44fd852d1a1a9ec354cf10dba1f9adfcc6e74bf42970c.exe
Resource: win10-en-20211208
Malware Config
Extracted
arkei
homesteadr
http://homesteadr.link/ggate.php
Targets
Score: 10/10
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.