General

Target: 85e0288ab181e6faee67b168cfd959d58a9e5fce131be37ed732cd61b4d53baf
Size: 309KB
Sample: 220119-a4hhraecf7
MD5: 48d8715b7e3f2a39f0c80b2b7049ed88
SHA1: 090b90d228dff1997ca1109417a52d848454d060
SHA256: 85e0288ab181e6faee67b168cfd959d58a9e5fce131be37ed732cd61b4d53baf
SHA512: 39e364e8ddca0e52d3f4fe62408447949df4eb5062e8546ea5f9fc7e5e35aebea98a6ee1a7f7aebcb07b483f816a1aa6698c4e8a616946bc7faf75cba035dc68
Static task: static1

Behavioral task: behavioral1
Sample: 85e0288ab181e6faee67b168cfd959d58a9e5fce131be37ed732cd61b4d53baf.exe
Resource: win10-en-20211208

Malware Config (extracted)
Family: arkei
Botnet: homesteadr
C2: http://homesteadr.link/ggate.php
Targets

Target: 85e0288ab181e6faee67b168cfd959d58a9e5fce131be37ed732cd61b4d53baf
Score: 10/10

Signatures:
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.