arkei | b608a0c34ae1096bd2bf5d891edd7cda78ef35514856feb1e24a59d9ac8275de | Triage

Analysis

max time kernel
119s
max time network
121s
platform
windows10_x64
resource
win10-en-20211208
submitted
14-01-2022 12:16

Sharing

Report Analysis Logs

General

Target

b608a0c34ae1096bd2bf5d891edd7cda78ef35514856feb1e24a59d9ac8275de.exe
Size

315KB
MD5

fef3a81fee32eb285e1b73d759097d5e
SHA1

e9eae623223e577a26a3ed746970acf67891f5d4
SHA256

b608a0c34ae1096bd2bf5d891edd7cda78ef35514856feb1e24a59d9ac8275de
SHA512

80da4b230cbeb878097060af0ed9b8869cb4acbf4a2e11bc4f527989af58293067ccce0795f5e6f3663cc9f0c112f504a733451f2d41f7e4a41fc3d59e41354a

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2440-116-0x00000000001C0000-0x00000000001DC000-memory.dmp	family_arkei
behavioral1/memory/2440-117-0x0000000000400000-0x000000000055F000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\b608a0c34ae1096bd2bf5d891edd7cda78ef35514856feb1e24a59d9ac8275de.exe
"C:\Users\Admin\AppData\Local\Temp\b608a0c34ae1096bd2bf5d891edd7cda78ef35514856feb1e24a59d9ac8275de.exe"
1⤵
PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2440-115-0x0000000000771000-0x0000000000782000-memory.dmp

Filesize
68KB

Download
memory/2440-116-0x00000000001C0000-0x00000000001DC000-memory.dmp

Filesize
112KB

Download
memory/2440-117-0x0000000000400000-0x000000000055F000-memory.dmp

Filesize
1.4MB

Download