arkei | 6ddb0bfa1addfb2017913f0e0b70fa19c3714046117859df6a7319c606154506 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

6ddb0bfa1addfb2017913f0e0b70fa19c3714046117859df6a7319c606154506
Size

315KB
Sample

220115-psv22aeca2
MD5

88e8761eea7b1418f62f7d63a2bc3e5a
SHA1

4cb0ec77e2228e76da347479a5cae2885a436c0c
SHA256

6ddb0bfa1addfb2017913f0e0b70fa19c3714046117859df6a7319c606154506
SHA512

53f242d543bb2dac63ca15be51650614f20a727a92eef49f7624041d43439e0c50dc87f25a3675a282aed246f60d6279fc5ee84c658676de3b6bbebd7d0bffa4

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

6ddb0bfa1addfb2017913f0e0b70fa19c3714046117859df6a7319c606154506.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  6ddb0bfa1addfb2017913f0e0b70fa19c3714046117859df6a7319c606154506
- Size
  
  315KB
- MD5
  
  88e8761eea7b1418f62f7d63a2bc3e5a
- SHA1
  
  4cb0ec77e2228e76da347479a5cae2885a436c0c
- SHA256
  
  6ddb0bfa1addfb2017913f0e0b70fa19c3714046117859df6a7319c606154506
- SHA512
  
  53f242d543bb2dac63ca15be51650614f20a727a92eef49f7624041d43439e0c50dc87f25a3675a282aed246f60d6279fc5ee84c658676de3b6bbebd7d0bffa4
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy