arkei | 26c1e77af10af79d0b2f71b65b250f69fed88de1650e92e06e023ac28d4ef1a9 | Triage

Analysis

max time kernel
117s
max time network
124s
platform
windows10_x64
resource
win10-en-20211208
submitted
16-01-2022 20:41

Sharing

Report Analysis Logs

General

Target

26c1e77af10af79d0b2f71b65b250f69fed88de1650e92e06e023ac28d4ef1a9.exe
Size

277KB
MD5

cf9e113037117531d00bee0d129bcd24
SHA1

4035c6529b26ec6515987b61cdb40101eb785d1e
SHA256

26c1e77af10af79d0b2f71b65b250f69fed88de1650e92e06e023ac28d4ef1a9
SHA512

cf7013f7072ed162a9aa1484f9f177acfe16787affbdbd86a738963f8a539dc2eed9d5b86b23abeff5d69688d6cc906ecbac608843f856f9a9e3771f475da1d1

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/348-117-0x0000000000400000-0x00000000004DA000-memory.dmp	family_arkei
behavioral1/memory/348-116-0x0000000000640000-0x000000000065C000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\26c1e77af10af79d0b2f71b65b250f69fed88de1650e92e06e023ac28d4ef1a9.exe
"C:\Users\Admin\AppData\Local\Temp\26c1e77af10af79d0b2f71b65b250f69fed88de1650e92e06e023ac28d4ef1a9.exe"
1⤵
PID:348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/348-115-0x0000000000786000-0x0000000000797000-memory.dmp

Filesize
68KB

Download
memory/348-117-0x0000000000400000-0x00000000004DA000-memory.dmp

Filesize
872KB

Download
memory/348-116-0x0000000000640000-0x000000000065C000-memory.dmp

Filesize
112KB

Download