arkei | a44cde6d6bb60ef5c3a87e1fa499d9a013314e928bc6a572eadeff59b9635731 | Triage

Analysis

max time kernel
118s
max time network
122s
platform
windows10_x64
resource
win10-en-20211208
submitted
18-01-2022 06:18

Sharing

Report Analysis Logs

General

Target

a44cde6d6bb60ef5c3a87e1fa499d9a013314e928bc6a572eadeff59b9635731.exe
Size

326KB
MD5

f044b0f327444079a9008976d2cefee7
SHA1

fc7bebdce91a962ddfae434fdfd87da4210e189a
SHA256

a44cde6d6bb60ef5c3a87e1fa499d9a013314e928bc6a572eadeff59b9635731
SHA512

962aca31e075e930823be4465464567e31744af33861f7adb2439a4b949fb1f8761bba62dc5f3f62892a5970355a836a0dfdf52d4af058c1900c5873a776964e

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2680-116-0x00000000001C0000-0x00000000001DC000-memory.dmp	family_arkei
behavioral1/memory/2680-117-0x0000000000400000-0x000000000045B000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\a44cde6d6bb60ef5c3a87e1fa499d9a013314e928bc6a572eadeff59b9635731.exe
"C:\Users\Admin\AppData\Local\Temp\a44cde6d6bb60ef5c3a87e1fa499d9a013314e928bc6a572eadeff59b9635731.exe"
1⤵
PID:2680

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2680-115-0x0000000000030000-0x0000000000040000-memory.dmp

Filesize
64KB

Download
memory/2680-116-0x00000000001C0000-0x00000000001DC000-memory.dmp

Filesize
112KB

Download
memory/2680-117-0x0000000000400000-0x000000000045B000-memory.dmp

Filesize
364KB

Download