General
- Target: dbe53cc0be5df4f960fb997069326e144d4c843c70624856a4954b3e4287833d
- Size: 271KB
- Sample: 220122-px215sbae9
- MD5: c828ec6da5136463ef6ee84ce1e92521
- SHA1: 826e40b65e5da4236f3e8d108cd92ad2d131f433
- SHA256: dbe53cc0be5df4f960fb997069326e144d4c843c70624856a4954b3e4287833d
- SHA512: 4dbb862e39db5cfb2515df79057e2e6aaa97a408ddfa6690a6f9df918d3a7f2e6394ee653d3f70862f1d4837769a1237bbae784fbded9219a0f07b048da38402
Static task: static1

Malware Config
- Extracted: arkei
- Default: http://homesteadr.link/ggate.php
Targets
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.