arkei | 59b38e411268c05b03d08d807b459b2ade264281f28ac08ba4049b0c23f572f2 | Triage

Analysis

max time kernel
136s
max time network
139s
platform
windows10_x64
resource
win10-en-20211208
submitted
22-01-2022 21:06

Sharing

Report Analysis Logs

General

Target

59b38e411268c05b03d08d807b459b2ade264281f28ac08ba4049b0c23f572f2.exe
Size

270KB
MD5

04c713cf49d00709e588e25ab5adca1f
SHA1

c6e7eaacc2bb6172aa23a2d9f79977f280264e80
SHA256

59b38e411268c05b03d08d807b459b2ade264281f28ac08ba4049b0c23f572f2
SHA512

ca158f1a9bec0d0e64d2cb5fc358d8d9304ee80c2812249998731102aac42937106a69785f1ff403ea900022f97b397c9e3d22b79482bfaa8897af0913cca3b5

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/3960-116-0x00000000008A0000-0x00000000008BC000-memory.dmp	family_arkei
behavioral1/memory/3960-117-0x0000000000400000-0x000000000044A000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\59b38e411268c05b03d08d807b459b2ade264281f28ac08ba4049b0c23f572f2.exe
"C:\Users\Admin\AppData\Local\Temp\59b38e411268c05b03d08d807b459b2ade264281f28ac08ba4049b0c23f572f2.exe"
1⤵
PID:3960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3960-115-0x0000000000880000-0x0000000000891000-memory.dmp

Filesize
68KB

Download
memory/3960-116-0x00000000008A0000-0x00000000008BC000-memory.dmp

Filesize
112KB

Download
memory/3960-117-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download