General
Target: 80197eee9cb90d398b4a9f3a258c82c5d4eb59901fa3d3540faed43c20c798c4
Size: 284KB
Sample: 220123-3jce8agee2
MD5: d8e570914349c99d41478010f4c66650
SHA1: 62066215cf371b2d1e25d31c48ab660f37b6ed93
SHA256: 80197eee9cb90d398b4a9f3a258c82c5d4eb59901fa3d3540faed43c20c798c4
SHA512: db77d2908db015106e057d0855980191c241a5933e5e2fa709693450b8044d6ca18efe7da8f5ac9787d6a28aa280b3c06c6958f1b8eb68cde9d90303d40ba54c

Static task: static1

Malware Config
Extracted
Family: arkei
Botnet: Default
C2: http://homesteadr.link/ggate.php
Targets
Target: 80197eee9cb90d398b4a9f3a258c82c5d4eb59901fa3d3540faed43c20c798c4 (284KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
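The last signature describes a registry walk rather than anything specific to this binary. The PowerShell below is an added example, not code from the sample or from the sandbox: it enumerates the same Uninstall keys (the native view, the WOW6432Node view for 32-bit software on x64, and the per-user hive) and lists what a stealer that reads them would learn about the host. The three key paths are the standard Windows locations; the function name and the baseline file written to $env:TEMP are assumptions made for this example.

```powershell
# Added example: reproduce the "installed software" enumeration the sandbox
# signature refers to, using the standard Uninstall keys. Not the sample's code.

$uninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',             # native view
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall', # 32-bit software on x64 hosts
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'              # per-user installs
)

function Get-InstalledSoftwareFromUninstallKeys {
    [CmdletBinding()]
    param([string[]]$Roots = $uninstallRoots)

    foreach ($root in $Roots) {
        # A missing root (e.g. no WOW6432Node on an x86 host) is normal, not an error.
        if (-not (Test-Path -LiteralPath $root)) { continue }

        Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue | ForEach-Object {
            $props = Get-ItemProperty -LiteralPath $_.PSPath -ErrorAction SilentlyContinue
            # Subkeys without a DisplayName are hidden components/patches; skip them.
            if ([string]::IsNullOrWhiteSpace($props.DisplayName)) { return }

            [pscustomobject]@{
                DisplayName    = $props.DisplayName
                DisplayVersion = $props.DisplayVersion
                Publisher      = $props.Publisher
                KeyPath        = Join-Path $root $_.PSChildName
            }
        }
    }
}

$software = Get-InstalledSoftwareFromUninstallKeys | Sort-Object DisplayName -Unique
$software | Format-Table DisplayName, DisplayVersion, Publisher -AutoSize

# Flat "name, version" baseline (assumed path) for comparing a clean host
# against what a detonated sample is observed to collect or exfiltrate.
$baseline = Join-Path $env:TEMP 'installed-software-baseline.txt'
$software | ForEach-Object { '{0}, {1}' -f $_.DisplayName, $_.DisplayVersion } |
    Set-Content -LiteralPath $baseline
```

Running this under Procmon or an EDR shows the same RegOpenKey/RegQueryValue activity on those three paths that a behavioural signature of this kind is built around; a process with no installer role touching all of them in quick succession, shortly after loading a dropped DLL, is the pattern worth alerting on rather than any single key read.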