arkei | 19cef530181d49f24a3513ee5546bf69a12482f66466db0d8a5c45da206be569 | Triage

Analysis

max time kernel
119s
max time network
124s
platform
windows10_x64
resource
win10-en-20211208
submitted
14-01-2022 12:50

Sharing

Report Analysis Logs

General

Target

19cef530181d49f24a3513ee5546bf69a12482f66466db0d8a5c45da206be569.exe
Size

315KB
MD5

c94fbef580c7cd0ba874360d0b997f22
SHA1

6533af2daeb72a2e9c8e52194052c1444e203db1
SHA256

19cef530181d49f24a3513ee5546bf69a12482f66466db0d8a5c45da206be569
SHA512

89c0270b8239624f7f2fd1d1d26bc1a5dbbcd7397908230fba5f80de69326bc9f52a488ef1d53bd227ab22346484445846a89322224574e02837d04a3bda511d

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2340-116-0x00000000001E0000-0x00000000001FC000-memory.dmp	family_arkei
behavioral1/memory/2340-117-0x0000000000400000-0x000000000055F000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\19cef530181d49f24a3513ee5546bf69a12482f66466db0d8a5c45da206be569.exe
"C:\Users\Admin\AppData\Local\Temp\19cef530181d49f24a3513ee5546bf69a12482f66466db0d8a5c45da206be569.exe"
1⤵
PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2340-116-0x00000000001E0000-0x00000000001FC000-memory.dmp

Filesize
112KB

Download
memory/2340-117-0x0000000000400000-0x000000000055F000-memory.dmp

Filesize
1.4MB

Download