arkei | a9dea10c6d4d205faab1ac8db69384e9c3dc91fd5a718266957e4e164f76cd4a | Triage

Submit
Reports

Overview

overview

Static

static

a9dea10c6d...in.exe

windows7_x64

a9dea10c6d...in.exe

windows10_x64

Resubmissions

14-10-2021 15:13

211014-slznesafgr 10

13-10-2021 11:15

211013-ncl9hsdggp 10

Sharing

General

Target

a9dea10c6d4d205faab1ac8db69384e9c3dc91fd5a718266957e4e164f76cd4a.bin
Size

311KB
Sample

211014-slznesafgr
MD5

0050729426253655c88625a8ad93d7a2
SHA1

a8ea376bc26eba3ff32e72cb2bf43cccfa1c87d7
SHA256

a9dea10c6d4d205faab1ac8db69384e9c3dc91fd5a718266957e4e164f76cd4a
SHA512

1947c78aba1933c3da2eed125d760bf7c4b3bf75a113139a22db0d2f1e1e3e8b4640c0330b5220712275884567daf9548467a96747fb550fc8cb24dfc989d37c

Score

10^/10

arkei default spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

a9dea10c6d4d205faab1ac8db69384e9c3dc91fd5a718266957e4e164f76cd4a.bin.exe

Resource

win7-en-20210920

arkei default spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a9dea10c6d4d205faab1ac8db69384e9c3dc91fd5a718266957e4e164f76cd4a.bin.exe

Resource

win10-en-20210920

arkei default spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://game2030.link/ggate.php

Targets

- Target
  
  a9dea10c6d4d205faab1ac8db69384e9c3dc91fd5a718266957e4e164f76cd4a.bin
- Size
  
  311KB
- MD5
  
  0050729426253655c88625a8ad93d7a2
- SHA1
  
  a8ea376bc26eba3ff32e72cb2bf43cccfa1c87d7
- SHA256
  
  a9dea10c6d4d205faab1ac8db69384e9c3dc91fd5a718266957e4e164f76cd4a
- SHA512
  
  1947c78aba1933c3da2eed125d760bf7c4b3bf75a113139a22db0d2f1e1e3e8b4640c0330b5220712275884567daf9548467a96747fb550fc8cb24dfc989d37c
Score

10^/10

arkei default spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Suspicious use of NtCreateProcessExOtherParentProcess
- Arkei Stealer Payload
  stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

arkeidefaultspywarestealer

behavioral2

arkeidefaultspywarestealer

© 2018-2024

Terms | Privacy