General
Target: c0ac9a557eda535bd9e4de6fd2b7baa06dd6a5307d319cf28bdfe36c7ca976b2
Size: 301KB
Sample: 220118-z4b4eadda6
MD5: 16e7434e47fa2f9a93ff6abbf98fbaf2
SHA1: 8a45a43a9a9ef59c1e085dc7467a406403c0c3af
SHA256: c0ac9a557eda535bd9e4de6fd2b7baa06dd6a5307d319cf28bdfe36c7ca976b2
SHA512: 689a15ae648e8703bd93470376c2485aa3ea1f64082955c665cef36c4e95f486f1c72625aad73cfd1d59eaa903cea086b7eaa4c9d482fd5ce52febdfdd6fe29a
Static task: static1
Behavioral task: behavioral1
Sample: c0ac9a557eda535bd9e4de6fd2b7baa06dd6a5307d319cf28bdfe36c7ca976b2.exe
Resource: win10-en-20211208
Malware Config
Extracted:
- arkei
- homesteadr
- http://homesteadr.link/ggate.php
Targets
Target: c0ac9a557eda535bd9e4de6fd2b7baa06dd6a5307d319cf28bdfe36c7ca976b2
Score: 10/10
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.