arkei | fafa04a971c0bce7dc4398f93cc4bca6b69fc8a603b47848259944ad029c5de5 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

fafa04a971c0bce7dc4398f93cc4bca6b69fc8a603b47848259944ad029c5de5
Size

295KB
Sample

220124-nmcg3aeeer
MD5

56d68834f92fc16f9fbfd6050fb603a5
SHA1

ff41773f9af885780fb90078fa9e91bc12311577
SHA256

fafa04a971c0bce7dc4398f93cc4bca6b69fc8a603b47848259944ad029c5de5
SHA512

841b1dceebca65a30da70d9fcbb8e7c32d07e1fc6771ab4f5a94f261de7d1e1712f5c5667e0d762acc9eac9d7a7effa56676f741613912d3ed46d26df3a3f0b3

Score

10^/10

arkei default discovery spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

fafa04a971c0bce7dc4398f93cc4bca6b69fc8a603b47848259944ad029c5de5.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer suricata

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://homesteadr.link/ggate.php

Targets

- Target
  
  fafa04a971c0bce7dc4398f93cc4bca6b69fc8a603b47848259944ad029c5de5
- Size
  
  295KB
- MD5
  
  56d68834f92fc16f9fbfd6050fb603a5
- SHA1
  
  ff41773f9af885780fb90078fa9e91bc12311577
- SHA256
  
  fafa04a971c0bce7dc4398f93cc4bca6b69fc8a603b47848259944ad029c5de5
- SHA512
  
  841b1dceebca65a30da70d9fcbb8e7c32d07e1fc6771ab4f5a94f261de7d1e1712f5c5667e0d762acc9eac9d7a7effa56676f741613912d3ed46d26df3a3f0b3
Score

10^/10

arkei default discovery spyware stealer suricata
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
  suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
  suricata
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealersuricata

© 2018-2024

Terms | Privacy