arkei | 4e3158bb01662f21f0cbb015be33cefba127272f47767375f6f8074b62ee87c9 | Triage

Analysis

max time kernel
145s
max time network
148s
platform
windows10_x64
resource
win10-en-20211208
submitted
23-01-2022 03:31

Sharing

Report Analysis Logs

General

Target

4e3158bb01662f21f0cbb015be33cefba127272f47767375f6f8074b62ee87c9.exe
Size

270KB
MD5

4928bf022272fe47d3b65b6d188b39c0
SHA1

7a58716853f59b812667f8a0f465ead756da430f
SHA256

4e3158bb01662f21f0cbb015be33cefba127272f47767375f6f8074b62ee87c9
SHA512

7de74cfe6595a6ddbfb625bd67ad1593bcfee4c5def382532f381ff84c2fc471b59f94062ee989eb7433cd5a58c357d1607ff2c170d13af98b6125eeac4b1011

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2776-116-0x00000000008B0000-0x00000000008CC000-memory.dmp	family_arkei
behavioral1/memory/2776-117-0x0000000000400000-0x000000000044A000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\4e3158bb01662f21f0cbb015be33cefba127272f47767375f6f8074b62ee87c9.exe
"C:\Users\Admin\AppData\Local\Temp\4e3158bb01662f21f0cbb015be33cefba127272f47767375f6f8074b62ee87c9.exe"
1⤵
PID:2776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2776-115-0x00000000001C0000-0x00000000001D1000-memory.dmp

Filesize
68KB

Download
memory/2776-116-0x00000000008B0000-0x00000000008CC000-memory.dmp

Filesize
112KB

Download
memory/2776-117-0x0000000000400000-0x000000000044A000-memory.dmp

Filesize
296KB

Download