arkei | c08a06bf3c5b7d3d5684c300f37ef60a93a4a09aa4d28096361c8a192924886e | Triage

Analysis

max time kernel
112s
max time network
141s
platform
windows10_x64
resource
win10-en-20211208
submitted
18-01-2022 02:52

Sharing

Report Analysis Logs

General

Target

c08a06bf3c5b7d3d5684c300f37ef60a93a4a09aa4d28096361c8a192924886e.exe
Size

326KB
MD5

3dd3db58a1f3d9aaf0f4eab3ce5361cf
SHA1

e26e3f15a1356b8f1e3252845a4228568f16a24d
SHA256

c08a06bf3c5b7d3d5684c300f37ef60a93a4a09aa4d28096361c8a192924886e
SHA512

6491d3ba6fe8a90f7a31352b810cf67a341b49954c8dc43c2573938c1ca2b725774ff192257019159e04eef71fad273174004206d5ddf43a569f49fae77276a4

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2352-119-0x00000000001E0000-0x00000000001FC000-memory.dmp	family_arkei
behavioral1/memory/2352-120-0x0000000000400000-0x000000000045A000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\c08a06bf3c5b7d3d5684c300f37ef60a93a4a09aa4d28096361c8a192924886e.exe
"C:\Users\Admin\AppData\Local\Temp\c08a06bf3c5b7d3d5684c300f37ef60a93a4a09aa4d28096361c8a192924886e.exe"
1⤵
PID:2352

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2352-118-0x00000000001C0000-0x00000000001D1000-memory.dmp

Filesize
68KB

Download
memory/2352-119-0x00000000001E0000-0x00000000001FC000-memory.dmp

Filesize
112KB

Download
memory/2352-120-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download