General

Target: a2119359504c2b6649dbc8fa6a47c41d1cb0cbe07c033a10ffbf83427ca37f4e
Size: 301KB
Sample: 220119-fnae4afcc7
MD5: 1d86be0bc89fa087b69dd91f2f326f96
SHA1: 3c8e0d7ddeef1477fb64c4ede5b6c51d1fa0cf1a
SHA256: a2119359504c2b6649dbc8fa6a47c41d1cb0cbe07c033a10ffbf83427ca37f4e
SHA512: 675b0b03319018cc8f05d8d031f05e2313a47a314f826711aee4ec094d4ecc5c73f3c02b85d4b9efb035f48c96c6b4f15ae19005dfee607dbad97b047edf7b62
Static task: static1
Behavioral task: behavioral1
Sample: a2119359504c2b6649dbc8fa6a47c41d1cb0cbe07c033a10ffbf83427ca37f4e.exe
Resource: win10-en-20211208

Malware Config

Extracted
Family: arkei
Botnet: homesteadr
C2: http://homesteadr.link/ggate.php
Targets

Target: a2119359504c2b6649dbc8fa6a47c41d1cb0cbe07c033a10ffbf83427ca37f4e
Size: 301KB
MD5: 1d86be0bc89fa087b69dd91f2f326f96
SHA1: 3c8e0d7ddeef1477fb64c4ede5b6c51d1fa0cf1a
SHA256: a2119359504c2b6649dbc8fa6a47c41d1cb0cbe07c033a10ffbf83427ca37f4e
SHA512: 675b0b03319018cc8f05d8d031f05e2313a47a314f826711aee4ec094d4ecc5c73f3c02b85d4b9efb035f48c96c6b4f15ae19005dfee607dbad97b047edf7b62
Score: 10/10

Signatures:
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.