arkei | f1ff0817cd12a7c79fe812becb7c34fbf07548b70d2e64485517f82971ff0525 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

f1ff0817cd12a7c79fe812becb7c34fbf07548b70d2e64485517f82971ff0525
Size

322KB
Sample

220115-emg8wacgbl
MD5

458ed95fd43e6a1594920b127deabd29
SHA1

98f485fc5d4b1510193d36b5e98774f2fddcc756
SHA256

f1ff0817cd12a7c79fe812becb7c34fbf07548b70d2e64485517f82971ff0525
SHA512

53f2e3a4dcd367557ad799e58ccc381a3597e38267a7010bc06edc1d67810e36bcb5d2a1909e9ff038cff2f204f0c160cd922384179a60883d4487d73126a099

Score

10^/10

arkei default stealer

Static task

static1

Behavioral task

behavioral1

Sample

f1ff0817cd12a7c79fe812becb7c34fbf07548b70d2e64485517f82971ff0525.exe

Resource

win10v2004-en-20220112

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  f1ff0817cd12a7c79fe812becb7c34fbf07548b70d2e64485517f82971ff0525
- Size
  
  322KB
- MD5
  
  458ed95fd43e6a1594920b127deabd29
- SHA1
  
  98f485fc5d4b1510193d36b5e98774f2fddcc756
- SHA256
  
  f1ff0817cd12a7c79fe812becb7c34fbf07548b70d2e64485517f82971ff0525
- SHA512
  
  53f2e3a4dcd367557ad799e58ccc381a3597e38267a7010bc06edc1d67810e36bcb5d2a1909e9ff038cff2f204f0c160cd922384179a60883d4487d73126a099
Score

10^/10

arkei default stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Suspicious use of NtCreateProcessExOtherParentProcess
- Arkei Stealer Payload
  stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

arkeidefaultstealer

© 2018-2024

Terms | Privacy