General
Target: d98aa8abf8b60d5974d46a539b2bd55e9a78837ef5baace17d553cf88fabde3d
Size: 302KB
Sample: 220119-mt4pfshah8
MD5: 2614990e3af18836e12b471f1e0816b4
SHA1: abc44d2f699f55f20a3bd2556d4ecec633ddcbff
SHA256: d98aa8abf8b60d5974d46a539b2bd55e9a78837ef5baace17d553cf88fabde3d
SHA512: 915025e9eeda6fa7eaf1d8e161d22c5b7719b0b8974b9f3b5bc3ece3b4ebd1f91544577ec1c4a6e943b516d24b75c783e72ca179d64c46e182604c1829b1ee19
Static task: static1
Behavioral task: behavioral1
Sample: d98aa8abf8b60d5974d46a539b2bd55e9a78837ef5baace17d553cf88fabde3d.exe
Resource: win10-en-20211208
Malware Config
Extracted
arkei
homesteadr
http://homesteadr.link/ggate.php
Targets
Target: d98aa8abf8b60d5974d46a539b2bd55e9a78837ef5baace17d553cf88fabde3d
Size: 302KB
MD5: 2614990e3af18836e12b471f1e0816b4
SHA1: abc44d2f699f55f20a3bd2556d4ecec633ddcbff
SHA256: d98aa8abf8b60d5974d46a539b2bd55e9a78837ef5baace17d553cf88fabde3d
SHA512: 915025e9eeda6fa7eaf1d8e161d22c5b7719b0b8974b9f3b5bc3ece3b4ebd1f91544577ec1c4a6e943b516d24b75c783e72ca179d64c46e182604c1829b1ee19
Score: 10/10
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.