arkei | d6b79f58f7c7cb10279875894fd0e727c50148906b625937c3acbae06b5c5f4b | Triage

Analysis

max time kernel
80s
max time network
121s
platform
windows10_x64
resource
win10-en-20211208
submitted
16-01-2022 12:37

Sharing

Report Analysis Logs

General

Target

d6b79f58f7c7cb10279875894fd0e727c50148906b625937c3acbae06b5c5f4b.exe
Size

309KB
MD5

0fcd09f31bf9f12317c5321d09e04c1c
SHA1

2dff9b9b33f9d848d8a7d959b1ec597590d879b4
SHA256

d6b79f58f7c7cb10279875894fd0e727c50148906b625937c3acbae06b5c5f4b
SHA512

b77f696ad96a654abe22d8f825c4ddde69c902bfcfac973f88b22a4f32776fabae2b14a8a44ef363accd877f1ca44aba7785d41cd860d2b09e9ea932c5cf39b3

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/344-117-0x0000000000400000-0x00000000004E2000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\d6b79f58f7c7cb10279875894fd0e727c50148906b625937c3acbae06b5c5f4b.exe
"C:\Users\Admin\AppData\Local\Temp\d6b79f58f7c7cb10279875894fd0e727c50148906b625937c3acbae06b5c5f4b.exe"
1⤵
PID:344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/344-115-0x000000000080A000-0x000000000081B000-memory.dmp

Filesize
68KB

Download
memory/344-117-0x0000000000400000-0x00000000004E2000-memory.dmp

Filesize
904KB

Download
memory/344-116-0x00000000004F0000-0x000000000063A000-memory.dmp

Filesize
1.3MB

Download