General
-
Target
d8bfbc2104555afb38e177a7b083f0a920bc553491cefabb7c2a47294e8654bc
-
Size
282KB
-
Sample
220123-x1wmjagdc5
-
MD5
4d82597c1089e0bd0bca256a7a142897
-
SHA1
6670da7946e92517cbc62a7737abc926c3e45a4c
-
SHA256
d8bfbc2104555afb38e177a7b083f0a920bc553491cefabb7c2a47294e8654bc
-
SHA512
e39c5ec3e0979768f185fa7019fb3ce6633472623bdab34293387c8401aa9a3a474e059e7d03463a0955fccba125f83307b1fc2d83fe6b26f8315cf28a4bc5c0
Static task
static1
Malware Config
Extracted
arkei
Default
http://homesteadr.link/ggate.php
Targets
Arkei Stealer Payload
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-