Analysis Overview
SHA256: 405da412edc6cf6ff78a22496e5ca402754c5dd048b3ce6401d3ae9243d98d30
Threat Level: Known bad
The file 405da412edc6cf6ff78a22496e5ca402754c5dd048b3ce6401d3ae9243d98d30 was found to be: Known bad.
Malicious Activity Summary
Arkei
Arkei Stealer Payload
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported: 2022-01-17 10:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2022-01-17 10:50
Reported: 2022-01-17 10:53
Platform: win10-en-20211208
Max time kernel: 119s
Max time network: 124s
Command Line
Signatures
Arkei
Arkei Stealer Payload
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\405da412edc6cf6ff78a22496e5ca402754c5dd048b3ce6401d3ae9243d98d30.exe
"C:\Users\Admin\AppData\Local\Temp\405da412edc6cf6ff78a22496e5ca402754c5dd048b3ce6401d3ae9243d98d30.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | time.windows.com | udp |
| US | 168.61.215.74:123 | time.windows.com | udp |
Files
memory/2632-115-0x0000000000926000-0x0000000000937000-memory.dmp
memory/2632-116-0x00000000005E0000-0x000000000072A000-memory.dmp
memory/2632-117-0x0000000000400000-0x00000000005DC000-memory.dmp