Extracted

• • Target

    7d391ed9356c4fa41f015b73f667663813b0d3b2e5ce1482fae64462a316bff6

  • Size

    1.6MB

  • MD5

    953f7ef3d735935dbbfb4c249bcd1534

  • SHA1

    cb192b0134468f9e59d3b02cfc2f26652c8d689a

  • SHA256

    7d391ed9356c4fa41f015b73f667663813b0d3b2e5ce1482fae64462a316bff6

  • SHA512

    8ef23e1c1ed9b459a551b6eefa259cf47bd9732ea58190a25362329238a315764d7ebf6fd70dfa147190adc6a9681baf3a174e8f271a47a4b84b833b535f308e

  Score

  10^/10

  arkeidefaultdiscoveryspywarestealer

  • Arkei

    Arkei is an infostealer written in C++.

    stealerarkei

  • Arkei Stealer Payload

    stealer

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1