arkei | 0e4f41f9e08cca51bf73107b7ec73bd5c9fccff0405b353f218a82c00b6fa63b | Triage

Analysis

max time kernel
134s
max time network
137s
platform
windows10_x64
resource
win10-en-20211208
submitted
22-01-2022 23:07

Sharing

Report Analysis Logs

General

Target

0e4f41f9e08cca51bf73107b7ec73bd5c9fccff0405b353f218a82c00b6fa63b.exe
Size

270KB
MD5

45dda79efcca6a956c157ee832a0a156
SHA1

5c0ae929a9f169edc831712d28ce9899cb271791
SHA256

0e4f41f9e08cca51bf73107b7ec73bd5c9fccff0405b353f218a82c00b6fa63b
SHA512

0b51cea2151a6b7f15dfd50170d60f9c37b91c6c2c5be99f9db907295e0156c72df2af8fb3214ea81d56becfc5d6574208f86ad43f1cee49f959bad51cf6e53e

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/3452-116-0x00000000008A0000-0x00000000008BC000-memory.dmp	family_arkei
behavioral1/memory/3452-117-0x0000000000400000-0x000000000044A000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\0e4f41f9e08cca51bf73107b7ec73bd5c9fccff0405b353f218a82c00b6fa63b.exe
"C:\Users\Admin\AppData\Local\Temp\0e4f41f9e08cca51bf73107b7ec73bd5c9fccff0405b353f218a82c00b6fa63b.exe"
1⤵
PID:3452

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3452-115-0x00000000001D0000-0x00000000001E1000-memory.dmp

Filesize
68KB

Download
memory/3452-116-0x00000000008A0000-0x00000000008BC000-memory.dmp

Filesize
112KB

Download
memory/3452-117-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download