arkei | 6f9397ad37bed972160b0800cd22cefc0426a0ca625cb9ece57ed101585bbbea | Triage

Analysis

max time kernel
81s
max time network
124s
platform
windows10_x64
resource
win10-en-20211208
submitted
15-01-2022 23:29

Sharing

Report Analysis Logs

General

Target

6f9397ad37bed972160b0800cd22cefc0426a0ca625cb9ece57ed101585bbbea.exe
Size

315KB
MD5

3d30ec81a5ffa0a357fc953fc9b91f72
SHA1

7cbe187b26b495ca79b8b6385d81e54045e46ebc
SHA256

6f9397ad37bed972160b0800cd22cefc0426a0ca625cb9ece57ed101585bbbea
SHA512

cc71c0631624934ae80c0b7db99c2a3e119cac3b907ac79b0802647d28148734ef1011eb711e160d1347f467355a4c287981a105c9252d5de095c7fdc3dc328b

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/348-117-0x0000000000400000-0x00000000004E5000-memory.dmp	family_arkei
behavioral1/memory/348-116-0x0000000002200000-0x000000000221C000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\6f9397ad37bed972160b0800cd22cefc0426a0ca625cb9ece57ed101585bbbea.exe
"C:\Users\Admin\AppData\Local\Temp\6f9397ad37bed972160b0800cd22cefc0426a0ca625cb9ece57ed101585bbbea.exe"
1⤵
PID:348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/348-117-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download
memory/348-116-0x0000000002200000-0x000000000221C000-memory.dmp

Filesize
112KB

Download