General

Target: 13e58efe75d56dc96f1cc86a86a8fb41d39836b17285a86f480e7bf4c0c9b99c
Size: 270KB
Sample: 220123-b2sflseah2
MD5: a9b85a2ca9b474fc3c5ba70ff1578622
SHA1: 6ce247663855fdc4f8ef1928cf440fe66af962f3
SHA256: 13e58efe75d56dc96f1cc86a86a8fb41d39836b17285a86f480e7bf4c0c9b99c
SHA512: 7e1afd1e2a975e6885ec4d51fc5ff06555fc76a9531ad74bf129a9d860a47e6fff7be909771ab7a8a09d5ae534fe73456cadd4844fc59e97733e6d0904aea691
Static task: static1

Malware Config (Extracted)

Family: arkei
Default: http://homesteadr.link/ggate.php
Targets
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.