arkei | 28d8ebe7523287d8ebde584a18db75734cf6779f3461340f8acf053874c87716 | Triage

Sharing

General

Target

28d8ebe7523287d8ebde584a18db75734cf6779f3461340f8acf053874c87716
Size

270KB
Sample

220122-3rzwgsdhal
MD5

d7b9e4fc502e806e7430f132352f67aa
SHA1

4506449f1d7dace24ffe9dfe5b452c44c77dcd59
SHA256

28d8ebe7523287d8ebde584a18db75734cf6779f3461340f8acf053874c87716
SHA512

9088de8aaca3e3cbf9acba023a88c2d791fa1992eecaf874856809d1d87a4dd96b044b2a3b7df242c3dc8579f9b8f6b1cc4b1a567080e8e27cb5556c44450339

Score

10^/10

arkei default persistence stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  28d8ebe7523287d8ebde584a18db75734cf6779f3461340f8acf053874c87716
- Size
  
  270KB
- MD5
  
  d7b9e4fc502e806e7430f132352f67aa
- SHA1
  
  4506449f1d7dace24ffe9dfe5b452c44c77dcd59
- SHA256
  
  28d8ebe7523287d8ebde584a18db75734cf6779f3461340f8acf053874c87716
- SHA512
  
  9088de8aaca3e3cbf9acba023a88c2d791fa1992eecaf874856809d1d87a4dd96b044b2a3b7df242c3dc8579f9b8f6b1cc4b1a567080e8e27cb5556c44450339
Score

10^/10

arkei default persistence stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Sets service image path in registry
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultpersistencestealer