arkei | c4e7221f747d0bc8be0163bde58d138e68191346d09dceaa56425e546e2e1015 | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows10_x64
resource
win10-en-20211208
submitted
10-01-2022 11:02

Sharing

Report Analysis Logs

General

Target

c4e7221f747d0bc8be0163bde58d138e68191346d09dceaa56425e546e2e1015.exe
Size

326KB
MD5

1548323c47a7a0b7df82ea15a7d60932
SHA1

9a141b68bb74263fa7ff6d2f96591cbcdb088b61
SHA256

c4e7221f747d0bc8be0163bde58d138e68191346d09dceaa56425e546e2e1015
SHA512

8f550f026ac28ba0099777252b61c2b9206dd4c3684135e41c90f8027e133fbccc11a9c62e4ad086d9fc8097d0f0ed76e5d29cd89b023bb8d13c92c11ec46977

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/3420-116-0x0000000000600000-0x000000000061C000-memory.dmp	family_arkei
behavioral1/memory/3420-117-0x0000000000400000-0x000000000045A000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\c4e7221f747d0bc8be0163bde58d138e68191346d09dceaa56425e546e2e1015.exe
"C:\Users\Admin\AppData\Local\Temp\c4e7221f747d0bc8be0163bde58d138e68191346d09dceaa56425e546e2e1015.exe"
1⤵
PID:3420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3420-116-0x0000000000600000-0x000000000061C000-memory.dmp

Filesize
112KB

Download
memory/3420-115-0x00000000005E0000-0x00000000005F1000-memory.dmp

Filesize
68KB

Download
memory/3420-117-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download