74fad8e9b1a82d813dd72fce23abdc2d3819496750910c6cdcd70d7398831e2c

Target

Size

1MB

Sample

220126-2eakdsbcbr

Score

10 ^/10

MD5

2b2ec30a2bf1c7166055e754a04c6ecf

SHA1

c4d2b04eab134dd058994633765410d9aefbe837

SHA256

74fad8e9b1a82d813dd72fce23abdc2d3819496750910c6cdcd70d7398831e2c

SHA512

18642acdb1231b79112f66b06e47dee922eae4ed89a9cb00227e636833e76416023efd54c2e2728fe179659e796844fb545168248811fc2e823dc38e78e96f3e

Extracted

Family	arkei
Botnet	Default
C2	http://37.252.15.126/dhbUc2MgYS.php http://37.252.15.126/dhbUc2MgYS.php

Target

74fad8e9b1a82d813dd72fce23abdc2d3819496750910c6cdcd70d7398831e2c

MD5

2b2ec30a2bf1c7166055e754a04c6ecf

Filesize

1MB

Score

10^/10

SHA1

c4d2b04eab134dd058994633765410d9aefbe837

SHA256

74fad8e9b1a82d813dd72fce23abdc2d3819496750910c6cdcd70d7398831e2c

SHA512

18642acdb1231b79112f66b06e47dee922eae4ed89a9cb00227e636833e76416023efd54c2e2728fe179659e796844fb545168248811fc2e823dc38e78e96f3e

Signatures

Arkei
Description

Arkei is an infostealer written in C++.
Tags

stealer arkei
Arkei Stealer Payload
Tags

stealer
Downloads MZ/PE file
Loads dropped DLL
Reads user/profile data of web browsers
Description

Infostealers often target stored browser data, which can include saved credentials etc.
Tags

spyware stealer

TTPs

Data from Local SystemCredentials in Files
Suspicious use of NtSetInformationThreadHideFromDebugger

Related Tasks

behavioral1

Collection

Data from Local System

Command and Control

Credential Access

Credentials in Files

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

arkei default spyware stealer

10^/10

Extracted

Tags

Signatures

Arkei

Description

Tags

Arkei Stealer Payload

Tags

Downloads MZ/PE file

Loads dropped DLL

Reads user/profile data of web browsers

Description

Tags

TTPs

Suspicious use of NtSetInformationThreadHideFromDebugger

Related Tasks

static1

behavioral1