arkei | 9efd3b7f9e9cfa5ecbd940440682b399fcf8269f723a045f16dfd65caf85f329 | Triage

Analysis

max time kernel
136s
max time network
138s
platform
windows10_x64
resource
win10-en-20211208
submitted
23-01-2022 06:53

Sharing

Report Analysis Logs

General

Target

9efd3b7f9e9cfa5ecbd940440682b399fcf8269f723a045f16dfd65caf85f329.exe
Size

263KB
MD5

eff5ab3d8cc1a8a66396d9c01ac496fc
SHA1

5d08eeed03201ce6336ef522001d9c2b60f44bd1
SHA256

9efd3b7f9e9cfa5ecbd940440682b399fcf8269f723a045f16dfd65caf85f329
SHA512

0728bcea02e05b5ef2897d78579d2a91d1e350fee4b5fb3273c21de748f90e874be3b9b5f0f5dc2bff95f1cedd90c6c318405387a98a3facc042bb5b1bdd3864

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://file-file-host4.com/tratata.php

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Arkei Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/2848-116-0x00000000008A0000-0x00000000008BC000-memory.dmp	family_arkei
behavioral1/memory/2848-117-0x0000000000400000-0x0000000000449000-memory.dmp	family_arkei

C:\Users\Admin\AppData\Local\Temp\9efd3b7f9e9cfa5ecbd940440682b399fcf8269f723a045f16dfd65caf85f329.exe
"C:\Users\Admin\AppData\Local\Temp\9efd3b7f9e9cfa5ecbd940440682b399fcf8269f723a045f16dfd65caf85f329.exe"
1⤵
PID:2848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2848-115-0x0000000000530000-0x000000000067A000-memory.dmp

Filesize
1.3MB

Download
memory/2848-116-0x00000000008A0000-0x00000000008BC000-memory.dmp

Filesize
112KB

Download
memory/2848-117-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download