arkei | fea2d4627ccb640a157c73be71f68baf0a3fafed28c6b22b3c333c740eaf9693 | Triage

Sharing

General

Target

fea2d4627ccb640a157c73be71f68baf0a3fafed28c6b22b3c333c740eaf9693
Size

271KB
Sample

220122-vg44fscbh4
MD5

1cb0f7fd158d161f50d2aa1cf20ff8a6
SHA1

08a940ffc4abbb98a25a7fcad69e6b0554a8d21d
SHA256

fea2d4627ccb640a157c73be71f68baf0a3fafed28c6b22b3c333c740eaf9693
SHA512

d741a04e362432d79689ae15da4cfa80a67b41b97f29eee7d5e87048fdfe369aea5152b65307fa9d7487c7c595f91e45ac94424431a3ed8d5f9584b392537986

Score

10^/10

arkei default persistence stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Targets

- Target
  
  fea2d4627ccb640a157c73be71f68baf0a3fafed28c6b22b3c333c740eaf9693
- Size
  
  271KB
- MD5
  
  1cb0f7fd158d161f50d2aa1cf20ff8a6
- SHA1
  
  08a940ffc4abbb98a25a7fcad69e6b0554a8d21d
- SHA256
  
  fea2d4627ccb640a157c73be71f68baf0a3fafed28c6b22b3c333c740eaf9693
- SHA512
  
  d741a04e362432d79689ae15da4cfa80a67b41b97f29eee7d5e87048fdfe369aea5152b65307fa9d7487c7c595f91e45ac94424431a3ed8d5f9584b392537986
Score

10^/10

arkei default persistence stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Sets service image path in registry
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultpersistencestealer