arkei | ede060b17600f8c8072bc1441433d74fec520769a14f0a95017ab756f942a3a3 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

ede060b17600f8c8072bc1441433d74fec520769a14f0a95017ab756f942a3a3
Size

324KB
Sample

220130-ceasqadeh4
MD5

167ec6f99aeaf289c9583e093239b3b4
SHA1

205b8f6b9e2acdc1796143f8a8a836024f0c3260
SHA256

ede060b17600f8c8072bc1441433d74fec520769a14f0a95017ab756f942a3a3
SHA512

e7cbe3ee084bb27398cdccd05a97c04b7768ea82358537153654fb73b717b6263eb877998445f3fac547ef6c0708f2f0354cb7208b8dc48f594bdd8641468f70

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

ede060b17600f8c8072bc1441433d74fec520769a14f0a95017ab756f942a3a3.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://coin-file-file-19.com/tratata.php

Targets

- Target
  
  ede060b17600f8c8072bc1441433d74fec520769a14f0a95017ab756f942a3a3
- Size
  
  324KB
- MD5
  
  167ec6f99aeaf289c9583e093239b3b4
- SHA1
  
  205b8f6b9e2acdc1796143f8a8a836024f0c3260
- SHA256
  
  ede060b17600f8c8072bc1441433d74fec520769a14f0a95017ab756f942a3a3
- SHA512
  
  e7cbe3ee084bb27398cdccd05a97c04b7768ea82358537153654fb73b717b6263eb877998445f3fac547ef6c0708f2f0354cb7208b8dc48f594bdd8641468f70
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy