arkei | 63ceb71fcdf09cb0430c68c96b0f420211a56b4eac821b748046e9f7e7c3f8c7 | Triage

Analysis

max time kernel
134s
max time network
137s
platform
windows10_x64
resource
win10-en-20211208
submitted
23-01-2022 05:14

Sharing

Report Analysis Logs

General

Target

63ceb71fcdf09cb0430c68c96b0f420211a56b4eac821b748046e9f7e7c3f8c7.exe
Size

264KB
MD5

0b07901197686c5373f7072f13c4347f
SHA1

5283e9f5d2b0fdf12bf6695e061a1893cc993522
SHA256

63ceb71fcdf09cb0430c68c96b0f420211a56b4eac821b748046e9f7e7c3f8c7
SHA512

3e6d6abb7837388407a0d259b51e445e03334f9d45d0b5cc1c89d3a437203d44478275c50c72af613f6e287fb1bbdc6c6d7654997102e62d3d59ae3b81bd6f22

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/3764-116-0x00000000008C0000-0x00000000008DC000-memory.dmp	family_arkei
behavioral1/memory/3764-117-0x0000000000400000-0x0000000000449000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\63ceb71fcdf09cb0430c68c96b0f420211a56b4eac821b748046e9f7e7c3f8c7.exe
"C:\Users\Admin\AppData\Local\Temp\63ceb71fcdf09cb0430c68c96b0f420211a56b4eac821b748046e9f7e7c3f8c7.exe"
1⤵
PID:3764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3764-115-0x0000000000890000-0x00000000008A1000-memory.dmp

Filesize
68KB

Download
memory/3764-116-0x00000000008C0000-0x00000000008DC000-memory.dmp

Filesize
112KB

Download
memory/3764-117-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download