arkei | cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97
Size

223KB
Sample

220127-y3k49aadf9
MD5

5276563d00841a2319159f9a3865b238
SHA1

aed4a91c722d1e5d2fc61e75eefdf5638ed3c1ce
SHA256

cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97
SHA512

2650445596381e908083f18f5ede9c2e544f087e38466ceed55d6990eacea575371ba8ca9aa6d8e752e4f39b8f4d62a0df748ad29c72742491a4434e6aae92b3

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://coin-file-file-19.com/tratata.php

Targets

- Target
  
  cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97
- Size
  
  223KB
- MD5
  
  5276563d00841a2319159f9a3865b238
- SHA1
  
  aed4a91c722d1e5d2fc61e75eefdf5638ed3c1ce
- SHA256
  
  cc258eff240c19ab8de34c1d1bf8101c77afb6fc9724fb0add0ce0febb6fff97
- SHA512
  
  2650445596381e908083f18f5ede9c2e544f087e38466ceed55d6990eacea575371ba8ca9aa6d8e752e4f39b8f4d62a0df748ad29c72742491a4434e6aae92b3
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy