arkei | 11d9d9042783bee4b88464ef4049913708b14a7f212cfc747732a34ee8794d83 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

11d9d9042783bee4b88464ef4049913708b14a7f212cfc747732a34ee8794d83
Size

330KB
Sample

220117-vdaqfabfhp
MD5

a4b9e0d0bfcca042e8d46e9278eba0ce
SHA1

a66ed12a8bd9304221787c37421e1ce97bc831c1
SHA256

11d9d9042783bee4b88464ef4049913708b14a7f212cfc747732a34ee8794d83
SHA512

536e4b5369d8ae1beddda289a24e5572e97fc3f3fbcd1c6176a19add9c249237bfb3865063450bd8df1ae1fbe2f73600c6119af95976359e026eff05f55760e0

Score

10^/10

arkei default stealer

Static task

static1

Behavioral task

behavioral1

Sample

11d9d9042783bee4b88464ef4049913708b14a7f212cfc747732a34ee8794d83.exe

Resource

win10v2004-en-20220112

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  11d9d9042783bee4b88464ef4049913708b14a7f212cfc747732a34ee8794d83
- Size
  
  330KB
- MD5
  
  a4b9e0d0bfcca042e8d46e9278eba0ce
- SHA1
  
  a66ed12a8bd9304221787c37421e1ce97bc831c1
- SHA256
  
  11d9d9042783bee4b88464ef4049913708b14a7f212cfc747732a34ee8794d83
- SHA512
  
  536e4b5369d8ae1beddda289a24e5572e97fc3f3fbcd1c6176a19add9c249237bfb3865063450bd8df1ae1fbe2f73600c6119af95976359e026eff05f55760e0
Score

10^/10

arkei default stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Suspicious use of NtCreateProcessExOtherParentProcess
- Arkei Stealer Payload
  stealer
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

arkeidefaultstealer

© 2018-2024

Terms | Privacy