arkei | 39a54036eed2e087969a6a2077680ff1515af1c46d489107386ed661257d606e | Triage

Analysis

max time kernel
119s
max time network
123s
platform
windows10_x64
resource
win10-en-20211208
submitted
16-01-2022 04:51

Sharing

Report Analysis Logs

General

Target

39a54036eed2e087969a6a2077680ff1515af1c46d489107386ed661257d606e.exe
Size

317KB
MD5

64337e7a8d0fdf5876addbbf11d0df35
SHA1

c9d674c645dd9702981dce806a2b02ece2d5ed6f
SHA256

39a54036eed2e087969a6a2077680ff1515af1c46d489107386ed661257d606e
SHA512

931c2efb82ed0ee57831771aa75fa51accdf6d63141aebbcad622c25a6cdd5005f6cafb374de22af2ec280131153f380e49b7048be7c044c6749fcf6c8b02668

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2224-116-0x0000000000770000-0x000000000078C000-memory.dmp	family_arkei
behavioral1/memory/2224-117-0x0000000000400000-0x00000000004E5000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\39a54036eed2e087969a6a2077680ff1515af1c46d489107386ed661257d606e.exe
"C:\Users\Admin\AppData\Local\Temp\39a54036eed2e087969a6a2077680ff1515af1c46d489107386ed661257d606e.exe"
1⤵
PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2224-115-0x000000000080A000-0x000000000081B000-memory.dmp

Filesize
68KB

Download
memory/2224-116-0x0000000000770000-0x000000000078C000-memory.dmp

Filesize
112KB

Download
memory/2224-117-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download