arkei | 5d3cd94435fecbe8fc96374e2aa080a2582b4a144e2da9cd373a91b8d83fa53d | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

5d3cd94435fecbe8fc96374e2aa080a2582b4a144e2da9cd373a91b8d83fa53d
Size

324KB
Sample

220115-zpz7pafac9
MD5

8752e20c923fe66b857b327024b3820a
SHA1

578f6a40857b49b5af362bd3bc673eda3ab60629
SHA256

5d3cd94435fecbe8fc96374e2aa080a2582b4a144e2da9cd373a91b8d83fa53d
SHA512

39a6c099d7f5d77f31020ede657490740aba5c87542c70b2d9900f347fed2c102b6153b144d6aee5fd377a960da2af09108ce73b5531c125f36fc9bc08f07d38

Score

10^/10

arkei default stealer

Static task

static1

Behavioral task

behavioral1

Sample

5d3cd94435fecbe8fc96374e2aa080a2582b4a144e2da9cd373a91b8d83fa53d.exe

Resource

win10v2004-en-20220112

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  5d3cd94435fecbe8fc96374e2aa080a2582b4a144e2da9cd373a91b8d83fa53d
- Size
  
  324KB
- MD5
  
  8752e20c923fe66b857b327024b3820a
- SHA1
  
  578f6a40857b49b5af362bd3bc673eda3ab60629
- SHA256
  
  5d3cd94435fecbe8fc96374e2aa080a2582b4a144e2da9cd373a91b8d83fa53d
- SHA512
  
  39a6c099d7f5d77f31020ede657490740aba5c87542c70b2d9900f347fed2c102b6153b144d6aee5fd377a960da2af09108ce73b5531c125f36fc9bc08f07d38
Score

10^/10

arkei default stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Suspicious use of NtCreateProcessExOtherParentProcess
- Arkei Stealer Payload
  stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

arkeidefaultstealer

© 2018-2024

Terms | Privacy