General
Target: b6d9e2a59b311542ff821b5dd7ea30ee620ecaa8d3a7863530191a7038a83428
Size: 281KB
Sample: 220123-k23e9afff4
MD5: ad93b5a37b19822a405b5830b12cb6ef
SHA1: 2f3ff62636556d36fb1fcd0e5e88abdcdf6c9c3c
SHA256: b6d9e2a59b311542ff821b5dd7ea30ee620ecaa8d3a7863530191a7038a83428
SHA512: 6921fa429187aa705709dfe33add2de26a51d26f281f1e72064bb7e2317165196f431d3223e0b221b1ae57a2b0a2ee6708ce2f1cafdcbf52814c36276a48d7b1
Static task
static1
Malware Config
Extracted
arkei
Default
http://homesteadr.link/ggate.php
Targets
Target: b6d9e2a59b311542ff821b5dd7ea30ee620ecaa8d3a7863530191a7038a83428
Arkei Stealer Payload
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.