arkei | c2b8469c18d5b7bdd70857b7f6e520457949532e633aabcec93e1d23fa392a49 | Triage

Analysis

max time kernel
122s
max time network
125s
platform
windows10_x64
resource
win10-en-20211208
submitted
15-01-2022 17:10

Sharing

Report Analysis Logs

General

Target

c2b8469c18d5b7bdd70857b7f6e520457949532e633aabcec93e1d23fa392a49.exe
Size

324KB
MD5

28ba409a729a24d52429d17606802c40
SHA1

79bb96628f6c3488afb302447f820399462d73d1
SHA256

c2b8469c18d5b7bdd70857b7f6e520457949532e633aabcec93e1d23fa392a49
SHA512

ebb8d2d72a5b37e940094f67f71f4503029c7ad075145d9df2a65832a9e6751897f2bbc40ebeeb022f75f355872bdd8bedd891082c183ac32c853c5f16f51f7d

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2600-116-0x00000000007E0000-0x00000000007FC000-memory.dmp	family_arkei
behavioral1/memory/2600-117-0x0000000000400000-0x0000000000561000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\c2b8469c18d5b7bdd70857b7f6e520457949532e633aabcec93e1d23fa392a49.exe
"C:\Users\Admin\AppData\Local\Temp\c2b8469c18d5b7bdd70857b7f6e520457949532e633aabcec93e1d23fa392a49.exe"
1⤵
PID:2600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2600-115-0x000000000082A000-0x000000000083B000-memory.dmp

Filesize
68KB

Download
memory/2600-116-0x00000000007E0000-0x00000000007FC000-memory.dmp

Filesize
112KB

Download
memory/2600-117-0x0000000000400000-0x0000000000561000-memory.dmp

Filesize
1.4MB

Download