arkei | c045f7faf3370e48ce791984056f898b66e256358dc2c5450697278d3e8afee0 | Triage

Analysis

max time kernel
119s
max time network
121s
platform
windows10_x64
resource
win10-en-20211208
submitted
17-01-2022 17:41

Sharing

Report Analysis Logs

General

Target

c045f7faf3370e48ce791984056f898b66e256358dc2c5450697278d3e8afee0.exe
Size

330KB
MD5

227ef29b7c2687046ae70ab25c0f9952
SHA1

ab025e905bb299164184f1ad2afee1cb8b3ba96a
SHA256

c045f7faf3370e48ce791984056f898b66e256358dc2c5450697278d3e8afee0
SHA512

754b2896b52396c0aecf7cc0abfd760ab29951854b4c2aeb7d3c8bb39d59378df077f53f5a1918b18503fa00291217a10b34d94e775b083416243fa6b434edf3

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2440-116-0x0000000002300000-0x000000000231C000-memory.dmp	family_arkei
behavioral1/memory/2440-117-0x0000000000400000-0x00000000005DA000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\c045f7faf3370e48ce791984056f898b66e256358dc2c5450697278d3e8afee0.exe
"C:\Users\Admin\AppData\Local\Temp\c045f7faf3370e48ce791984056f898b66e256358dc2c5450697278d3e8afee0.exe"
1⤵
PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2440-115-0x0000000000976000-0x0000000000987000-memory.dmp

Filesize
68KB

Download
memory/2440-116-0x0000000002300000-0x000000000231C000-memory.dmp

Filesize
112KB

Download
memory/2440-117-0x0000000000400000-0x00000000005DA000-memory.dmp

Filesize
1.9MB

Download