General

  • Target

    tmp

  • Size

    347KB

  • Sample

    220419-j68x6aadck

  • MD5

    88d5c0bff7ccbc87e94adf5aed73e1d9

  • SHA1

    8d4e1c37d3cee528d4cc43f33aa001ce5ac5e3c9

  • SHA256

    22e463d29590a7485292819597991bcd06bf8ceceebf567c955f294dc542711a

  • SHA512

    dca5f477161cb6ac8fdf7720d4070470128ab171a20eca3f8768d7bd85085e7755264dffdf71eb3c8498a03394810fff33e7c0dbbe16ce41e5df218c5dfc8778

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

http://45.138.157.138/ZSnH91i5Xb.php

Targets

    • Arkei

      Arkei is an infostealer written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

MITRE ATT&CK Enterprise v6

Tasks