General
-
Target
0f9a717444f812d49bbb87f16561e1d8da522bb3d9a30bb5f09ebdb532c9c562
-
Size
301KB
-
Sample
220119-nw243shdhj
-
MD5
b4efdd58975f59ca62d47a0da1504995
-
SHA1
71a7111311e60bd671343549e2a08cc61730d415
-
SHA256
0f9a717444f812d49bbb87f16561e1d8da522bb3d9a30bb5f09ebdb532c9c562
-
SHA512
3ce3678f472bc07c94e4844ef799d140bd8fdd2a93e79132a811cef6deb1e9a0136036859ff069992a2272a70d152e30417e6d6941ad893fdd0304f68e34b30b
Static task
static1
Behavioral task
behavioral1
Sample
0f9a717444f812d49bbb87f16561e1d8da522bb3d9a30bb5f09ebdb532c9c562.exe
Resource
win10-en-20211208
Malware Config
Extracted
arkei
homesteadr
http://homesteadr.link/ggate.php
Targets
Target
0f9a717444f812d49bbb87f16561e1d8da522bb3d9a30bb5f09ebdb532c9c562
-
Score
10/10
-
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-