General
Target: 7b27e9b6cb3902e6ddd534eba92b76f7f1005bba91cbc9e2dd7b2dfe52368dcb
Size: 282KB
Sample: 220123-s3dsaagbaq
MD5: 02739bf33cf039a96d01546605ed0b99
SHA1: 2e971699ca690f30edd55bbc320cde1b26eea47d
SHA256: 7b27e9b6cb3902e6ddd534eba92b76f7f1005bba91cbc9e2dd7b2dfe52368dcb
SHA512: 60c8ed59e1471de36ca13961cb59f5e4e0271cc0e00ee2fbe3bf6d871580f538d3e7ee634c48ba7b35a12f733f0c9fc08a729bfb1c6ed6e0cd1db2bf9039f6a9
Static task: static1
Malware Config
Extracted family: arkei
C2 (Default profile): http://homesteadr.link/ggate.php
Targets
Target: 7b27e9b6cb3902e6ddd534eba92b76f7f1005bba91cbc9e2dd7b2dfe52368dcb
Size: 282KB
Signatures
- suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil (Vidar is a fork of Arkei and shares its C2 exfiltration format, so the ET Vidar rule fires on this Arkei sample's traffic to the extracted C2)
- Arkei Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate installed software, a common stealer fingerprinting step that shows up as RegOpenKey/RegEnumKey calls on those paths in the API trace.
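The registry enumeration that the last signature describes, as an added example that is not part of the sandbox report or of the sample's own code: it walks the standard Uninstall keys (HKLM, its WOW6432Node view for 32-bit software on 64-bit Windows, and HKCU for per-user installs) and reduces the subkeys to DisplayName/DisplayVersion pairs, which is what stealers and inventory tools alike extract. The live reader needs Windows (winreg); the SAMPLE_ENTRIES mapping is constructed test data so the summarising logic runs anywhere.

```python
"""Added example (not from the sandbox report): enumerate installed software
via the registry Uninstall keys, the behaviour behind the
"Checks installed software on the system" signature."""

# The three Uninstall locations an enumerator typically walks.
UNINSTALL_KEYS = (
    ("HKLM", r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("HKLM", r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("HKCU", r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
)


def summarize_entries(entries):
    """entries: mapping of subkey path -> dict of registry values.

    Returns a sorted, de-duplicated list of (DisplayName, DisplayVersion).
    Subkeys without a DisplayName are skipped; those are usually update
    packages or leftovers rather than user-visible applications."""
    found = set()
    for _subkey, values in entries.items():
        name = values.get("DisplayName")
        if not name:
            continue
        found.add((name, values.get("DisplayVersion", "")))
    return sorted(found)


def read_uninstall_keys():
    """Walk the live Uninstall keys with winreg (Windows only).

    Raises ImportError on non-Windows hosts. Returns the same mapping shape
    that summarize_entries expects."""
    import winreg
    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    entries = {}
    for hive_name, path in UNINSTALL_KEYS:
        try:
            root = winreg.OpenKey(hives[hive_name], path)
        except OSError:
            continue  # e.g. no WOW6432Node on 32-bit Windows
        with root:
            index = 0
            while True:
                try:
                    sub = winreg.EnumKey(root, index)
                except OSError:
                    break  # no more subkeys
                index += 1
                values = {}
                with winreg.OpenKey(root, sub) as key:
                    for value_name in ("DisplayName", "DisplayVersion", "Publisher"):
                        try:
                            values[value_name] = winreg.QueryValueEx(key, value_name)[0]
                        except OSError:
                            pass  # value not present on this subkey
                entries[f"{hive_name}\\{path}\\{sub}"] = values
    return entries


# Constructed sample of what such a walk returns; not data from the report's sample.
SAMPLE_ENTRIES = {
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExampleWallet": {
        "DisplayName": "Example Wallet", "DisplayVersion": "2.1.0"},
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB5000000": {},
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 96.0 (x64 en-US)": {
        "DisplayName": "Mozilla Firefox (x64 en-US)", "DisplayVersion": "96.0"},
    # Same product installed per-user as well: de-duplicated by summarize_entries.
    r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExampleWallet": {
        "DisplayName": "Example Wallet", "DisplayVersion": "2.1.0"},
}

if __name__ == "__main__":
    try:
        live_entries = read_uninstall_keys()
    except ImportError:
        live_entries = SAMPLE_ENTRIES  # non-Windows host: use constructed data
    for name, version in summarize_entries(live_entries):
        print(f"{name} {version}".rstrip())
```

On a Windows analysis VM this reads the real keys; elsewhere it falls back to the constructed mapping. When reviewing the sample's API trace, the same three key paths opened in sequence followed by a burst of RegEnumKey/RegQueryValueEx calls is the access pattern the signature keys on.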