arkei | 6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406
Size

296KB
Sample

220124-nw5j7seec3
MD5

77c272073874b7bb8c0bae37a03c2886
SHA1

7d596e44ec63dda132a6f4bf2cdc979d50abb36a
SHA256

6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406
SHA512

cb35f4133c57572613b7d06c95f3e3b77590eae5d0847fc401d463ff2d625f051b22365e8bf7303261a726640c10ca849432ea8d119b30f5c8fb92b7c620584d

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://coin-file-file-19.com/tratata.php

Targets

- Target
  
  6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406
- Size
  
  296KB
- MD5
  
  77c272073874b7bb8c0bae37a03c2886
- SHA1
  
  7d596e44ec63dda132a6f4bf2cdc979d50abb36a
- SHA256
  
  6092f69de24a2fcc358c8caa20b5aae000f9a62605504737df808caccfd02406
- SHA512
  
  cb35f4133c57572613b7d06c95f3e3b77590eae5d0847fc401d463ff2d625f051b22365e8bf7303261a726640c10ca849432ea8d119b30f5c8fb92b7c620584d
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy