arkei | 512b0344c289808871d294c5b0cb9c64f58f57734a392bf58d2c7b7562e65e82 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

512b0344c289808871d294c5b0cb9c64f58f57734a392bf58d2c7b7562e65e82
Size

264KB
Sample

220131-m2x7mshfc8
MD5

01e50b95c50cf4fe6f257712b933f68e
SHA1

b6a4949b5a3e406893e3d20eee71050914cda1cf
SHA256

512b0344c289808871d294c5b0cb9c64f58f57734a392bf58d2c7b7562e65e82
SHA512

aba52c979e2c77c081b8ad536b75307929e2deb79ffe3e4834367a8f632dca98a01887908ea2ff166e88255c1fc46191c1a193d48ace07bef77f819da5edc902

Score

10^/10

arkei default discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

512b0344c289808871d294c5b0cb9c64f58f57734a392bf58d2c7b7562e65e82.exe

Resource

win10-en-20211208

arkei default discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://coin-file-file-19.com/tratata.php

Targets

- Target
  
  512b0344c289808871d294c5b0cb9c64f58f57734a392bf58d2c7b7562e65e82
- Size
  
  264KB
- MD5
  
  01e50b95c50cf4fe6f257712b933f68e
- SHA1
  
  b6a4949b5a3e406893e3d20eee71050914cda1cf
- SHA256
  
  512b0344c289808871d294c5b0cb9c64f58f57734a392bf58d2c7b7562e65e82
- SHA512
  
  aba52c979e2c77c081b8ad536b75307929e2deb79ffe3e4834367a8f632dca98a01887908ea2ff166e88255c1fc46191c1a193d48ace07bef77f819da5edc902
Score

10^/10

arkei default discovery spyware stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei Stealer Payload
  stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

arkeidefaultdiscoveryspywarestealer

© 2018-2024

Terms | Privacy