arkei | a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774
Size

224KB
Sample

220127-r4aataedel
MD5

51841abd04b187f389f4aa801e3e1fdb
SHA1

2068ec3fc0f91beedc11444bec5948417c47534f
SHA256

a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774
SHA512

6505e6ab4943e0c2ffdabccf450deb075d8d75785900a6f1b11d0079d57269b74a6f325f6c43997f93ad6cb05e1676e3b1f6424bd4bfc621b9bc2cd02967fd8c

Score

10^/10

arkei default discovery spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer suricata

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://coin-file-file-19.com/tratata.php

Targets

- Target
  
  a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774
- Size
  
  224KB
- MD5
  
  51841abd04b187f389f4aa801e3e1fdb
- SHA1
  
  2068ec3fc0f91beedc11444bec5948417c47534f
- SHA256
  
  a9044501b7e3eba9ed27099139d50a765247ef01e106338c306ca4d17aa50774
- SHA512
  
  6505e6ab4943e0c2ffdabccf450deb075d8d75785900a6f1b11d0079d57269b74a6f325f6c43997f93ad6cb05e1676e3b1f6424bd4bfc621b9bc2cd02967fd8c
Score

10^/10

arkei default discovery spyware stealer suricata
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
  suricata: ET MALWARE Win32/Vidar Variant Stealer CnC Exfil
  suricata
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealersuricata

© 2018-2024

Terms | Privacy