arkei | 8097c0335c0cccc79d2e1bc41c2e8abd1a3853207a55ee5a91a3b2256b4f000b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

8097c0335c0cccc79d2e1bc41c2e8abd1a3853207a55ee5a91a3b2256b4f000b
Size

282KB
Sample

220123-nwbl5agab8
MD5

8a43089d15961c6c339967ec22426b5b
SHA1

d326f77ae2957f92b5069b9d720c9e0d04cb09b5
SHA256

8097c0335c0cccc79d2e1bc41c2e8abd1a3853207a55ee5a91a3b2256b4f000b
SHA512

4966106498ed43ea4d70b8a61b755882ef5090e480ac484e2bcd5737b4a824d8df9a38a95f7ca26f8eb17ec897dff3c42a30149c7645635b45a6f52a9a65826c

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

8097c0335c0cccc79d2e1bc41c2e8abd1a3853207a55ee5a91a3b2256b4f000b.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://homesteadr.link/ggate.php

Targets

- Target
  
  8097c0335c0cccc79d2e1bc41c2e8abd1a3853207a55ee5a91a3b2256b4f000b
- Size
  
  282KB
- MD5
  
  8a43089d15961c6c339967ec22426b5b
- SHA1
  
  d326f77ae2957f92b5069b9d720c9e0d04cb09b5
- SHA256
  
  8097c0335c0cccc79d2e1bc41c2e8abd1a3853207a55ee5a91a3b2256b4f000b
- SHA512
  
  4966106498ed43ea4d70b8a61b755882ef5090e480ac484e2bcd5737b4a824d8df9a38a95f7ca26f8eb17ec897dff3c42a30149c7645635b45a6f52a9a65826c
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy