General
Target: 883611833257759acff87d77d709ece78e1bbcf5f0da7eb63ca6c6e7e9d5d472
Size: 263KB
Sample: 220123-j8egbsfegk
MD5: e7c3fd3a81e21ad3a0c0ec0b5b974e3d
SHA1: 361f7a703bf3260eb016375b91b122b9e86e1574
SHA256: 883611833257759acff87d77d709ece78e1bbcf5f0da7eb63ca6c6e7e9d5d472
SHA512: c88d0e25a550509d8303350d799913914debb0f7875119c7f15c709b79ac0a36addf006bdd64d644477607cd19df9f3e7b8190d18636ec7393434009c7e921c4

Static task: static1

Malware Config
Extracted
Family: arkei
Config name: Default
C2: http://homesteadr.link/ggate.php

Targets
Target: 883611833257759acff87d77d709ece78e1bbcf5f0da7eb63ca6c6e7e9d5d472
Size: 263KB
MD5: e7c3fd3a81e21ad3a0c0ec0b5b974e3d
SHA1: 361f7a703bf3260eb016375b91b122b9e86e1574
SHA256: 883611833257759acff87d77d709ece78e1bbcf5f0da7eb63ca6c6e7e9d5d472
SHA512: c88d0e25a550509d8303350d799913914debb0f7875119c7f15c709b79ac0a36addf006bdd64d644477607cd19df9f3e7b8190d18636ec7393434009c7e921c4

Signatures
- suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
- suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.