arkei | 6adb982eee5ff5248ebfcc0462fd692bd7769d4b407856cd0d86c2d086216864 | Triage

Analysis

max time kernel
110s
max time network
121s
platform
windows10_x64
resource
win10-en-20211208
submitted
15-01-2022 22:19

Sharing

Report Analysis Logs

General

Target

6adb982eee5ff5248ebfcc0462fd692bd7769d4b407856cd0d86c2d086216864.exe
Size

315KB
MD5

bea13f2a7eba1cfbace5d782e6065659
SHA1

f817147a9a37ee89852ee705f00495ddb34602f2
SHA256

6adb982eee5ff5248ebfcc0462fd692bd7769d4b407856cd0d86c2d086216864
SHA512

98d2c3a596ecb4c1cc81e67c9e310815d58b4971ee73404c4b57f48da4356b3c50a18d11650c1411f561bb3977ed2178565d5e668a77d83c891a078dc9208140

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2444-116-0x0000000000730000-0x000000000074C000-memory.dmp	family_arkei
behavioral1/memory/2444-117-0x0000000000400000-0x00000000004E5000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\6adb982eee5ff5248ebfcc0462fd692bd7769d4b407856cd0d86c2d086216864.exe
"C:\Users\Admin\AppData\Local\Temp\6adb982eee5ff5248ebfcc0462fd692bd7769d4b407856cd0d86c2d086216864.exe"
1⤵
PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2444-115-0x00000000007BA000-0x00000000007CB000-memory.dmp

Filesize
68KB

Download
memory/2444-116-0x0000000000730000-0x000000000074C000-memory.dmp

Filesize
112KB

Download
memory/2444-117-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download