arkei | cc802971143ca0a41e97454c6f62b82fdfd88616bee66f39ecfb57584ea040ec | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

cc802971143ca0a41e97454c6f62b82fdfd88616bee66f39ecfb57584ea040ec
Size

308KB
Sample

220118-qk3ycabdgj
MD5

19b9aabb4b600bbe222df7c20bf07ded
SHA1

8ec44325179bd831d61c96cef4715b4f14a8d701
SHA256

cc802971143ca0a41e97454c6f62b82fdfd88616bee66f39ecfb57584ea040ec
SHA512

306a62d46fba2d60bada530b0150b2ce53d44ad7ce6a2ebc319ed75a781d6962509426fc6a2dba1b5c2b900ce55a89e81ccda47d5c332382c1694138fe4d7b7f

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

cc802971143ca0a41e97454c6f62b82fdfd88616bee66f39ecfb57584ea040ec.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  cc802971143ca0a41e97454c6f62b82fdfd88616bee66f39ecfb57584ea040ec
- Size
  
  308KB
- MD5
  
  19b9aabb4b600bbe222df7c20bf07ded
- SHA1
  
  8ec44325179bd831d61c96cef4715b4f14a8d701
- SHA256
  
  cc802971143ca0a41e97454c6f62b82fdfd88616bee66f39ecfb57584ea040ec
- SHA512
  
  306a62d46fba2d60bada530b0150b2ce53d44ad7ce6a2ebc319ed75a781d6962509426fc6a2dba1b5c2b900ce55a89e81ccda47d5c332382c1694138fe4d7b7f
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy