arkei | 456929e5e3076663907d4edb20324e4513bcd4846583e6460baf5a1808e3bc4f | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

456929e5e3076663907d4edb20324e4513bcd4846583e6460baf5a1808e3bc4f
Size

342KB
Sample

211116-kmfb6schg6
MD5

1b0e4e52f021de8f4d0fb5ac89ddfa21
SHA1

a8a2378ff48cc90e1b2a551d1724a124c910d614
SHA256

456929e5e3076663907d4edb20324e4513bcd4846583e6460baf5a1808e3bc4f
SHA512

25e842dbd7f298bf7ee4127983140f275e521d34e4047ca3b7d22e75ffde542ee55a494e17e80186872b75476a16b5020e1e02850c7efb4aad3bd94bcb49bc86

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

456929e5e3076663907d4edb20324e4513bcd4846583e6460baf5a1808e3bc4f.exe

Resource

win10-en-20211014

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  456929e5e3076663907d4edb20324e4513bcd4846583e6460baf5a1808e3bc4f
- Size
  
  342KB
- MD5
  
  1b0e4e52f021de8f4d0fb5ac89ddfa21
- SHA1
  
  a8a2378ff48cc90e1b2a551d1724a124c910d614
- SHA256
  
  456929e5e3076663907d4edb20324e4513bcd4846583e6460baf5a1808e3bc4f
- SHA512
  
  25e842dbd7f298bf7ee4127983140f275e521d34e4047ca3b7d22e75ffde542ee55a494e17e80186872b75476a16b5020e1e02850c7efb4aad3bd94bcb49bc86
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy