arkei | e79ea6ca4f00f2cc17f5cfbf5d69e2d8fedfe04d21ff44f1fe39550bb12a4ee0 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

e79ea6ca4f00f2cc17f5cfbf5d69e2d8fedfe04d21ff44f1fe39550bb12a4ee0
Size

332KB
Sample

220121-rrbccahgb9
MD5

208b0d3b4acd00ea58d106f7f003da04
SHA1

031e54f096fe96533c175db092101a928d416d01
SHA256

e79ea6ca4f00f2cc17f5cfbf5d69e2d8fedfe04d21ff44f1fe39550bb12a4ee0
SHA512

2c3d3ed23c6c79daab1e25c921479d80433b101d480584b76aac1b5ba5e336651144d191b3a4477c424028baf8de6942986329a598be5f07dfdad51a914abcf5

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

e79ea6ca4f00f2cc17f5cfbf5d69e2d8fedfe04d21ff44f1fe39550bb12a4ee0.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  e79ea6ca4f00f2cc17f5cfbf5d69e2d8fedfe04d21ff44f1fe39550bb12a4ee0
- Size
  
  332KB
- MD5
  
  208b0d3b4acd00ea58d106f7f003da04
- SHA1
  
  031e54f096fe96533c175db092101a928d416d01
- SHA256
  
  e79ea6ca4f00f2cc17f5cfbf5d69e2d8fedfe04d21ff44f1fe39550bb12a4ee0
- SHA512
  
  2c3d3ed23c6c79daab1e25c921479d80433b101d480584b76aac1b5ba5e336651144d191b3a4477c424028baf8de6942986329a598be5f07dfdad51a914abcf5
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy