arkei | e9130b26cd5d24909f16818fd14ffee5c9d593ad6ef4fac66a87deea66c0297e | Triage

Submit
Reports

Overview

overview

Static

static

061b1bb8e3...ae.exe

windows7_x64

3

061b1bb8e3...ae.exe

windows10-2004_x64

Sharing

General

Target

061b1bb8e381639bb2d8c4dae9f2f0ae
Size

184KB
Sample

220211-f5e2xachem
MD5

061b1bb8e381639bb2d8c4dae9f2f0ae
SHA1

18d73ea6ceeab727f0f1aacc76e2b76f0cc724aa
SHA256

e9130b26cd5d24909f16818fd14ffee5c9d593ad6ef4fac66a87deea66c0297e
SHA512

2e3b7d9a6074d11d21ce6282593485afc0b965216a1ffced05841eb11df6616d09624bc9e09c2a9502bde9bf3db2fcb125c41bf86ec780a9ee6bae68733ae56b

Score

10^/10

arkei homesteadr stealer

Static task

static1

stealer homesteadr arkei

Behavioral task

behavioral1

Sample

061b1bb8e381639bb2d8c4dae9f2f0ae.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

061b1bb8e381639bb2d8c4dae9f2f0ae.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

homesteadr

C2

http://homesteadr.link/ggate.php

Targets

- Target
  
  061b1bb8e381639bb2d8c4dae9f2f0ae
- Size
  
  184KB
- MD5
  
  061b1bb8e381639bb2d8c4dae9f2f0ae
- SHA1
  
  18d73ea6ceeab727f0f1aacc76e2b76f0cc724aa
- SHA256
  
  e9130b26cd5d24909f16818fd14ffee5c9d593ad6ef4fac66a87deea66c0297e
- SHA512
  
  2e3b7d9a6074d11d21ce6282593485afc0b965216a1ffced05841eb11df6616d09624bc9e09c2a9502bde9bf3db2fcb125c41bf86ec780a9ee6bae68733ae56b
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerhomesteadrarkei

behavioral1

behavioral2

© 2018-2024

Terms | Privacy