arkei | 416ac154e1daf3321caf13ad7e08068b8a03a41004a2c59dae0e796db5a51964 | Triage

Analysis

max time kernel
136s
max time network
138s
platform
windows10_x64
resource
win10-en-20211208
submitted
22-01-2022 22:04

Sharing

Report Analysis Logs

General

Target

416ac154e1daf3321caf13ad7e08068b8a03a41004a2c59dae0e796db5a51964.exe
Size

270KB
MD5

8824ea0a6b0f56fb96496c8a674e6b90
SHA1

c8079d605a7560885252dceda76decdf6707c44b
SHA256

416ac154e1daf3321caf13ad7e08068b8a03a41004a2c59dae0e796db5a51964
SHA512

10f494793647a8820258ec78409a2810625b7c3d7370627837b8c26491e73d4fbc47300ab2780e13e055db64ea5f03c7496fccc046850b7f53a1183bfab010d1

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/3480-116-0x00000000004B0000-0x00000000004CC000-memory.dmp	family_arkei
behavioral1/memory/3480-117-0x0000000000400000-0x000000000044A000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\416ac154e1daf3321caf13ad7e08068b8a03a41004a2c59dae0e796db5a51964.exe
"C:\Users\Admin\AppData\Local\Temp\416ac154e1daf3321caf13ad7e08068b8a03a41004a2c59dae0e796db5a51964.exe"
1⤵
PID:3480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3480-115-0x0000000000490000-0x00000000004A1000-memory.dmp

Filesize
68KB

Download
memory/3480-116-0x00000000004B0000-0x00000000004CC000-memory.dmp

Filesize
112KB

Download
memory/3480-117-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download