Extracted

• • Target

    DNS22.exe

  • Size

    353KB

  • MD5

    142086bda3ee6d5a0d0018ff3fefc089

  • SHA1

    6f4fcd8c066b3c26f98935db8adaf850e1a9ec57

  • SHA256

    16bbcac8ee265d2fb89c92ab1b4142e8826ca297dadc6d91f2cd6a49c89f790c

  • SHA512

    e368f0fe97828f69ec982bddb84e4b45e8d8545938b523c3ace13e6263be9b80ae9b22db970c907c6abd0085bdc9675c13e6431a1a454c571dfcf3f0fd2b407e

  Score

  10^/10

  arkeidefaultdiscoveryspywarestealersuricata

  • Arkei

    Arkei is an infostealer written in C++.

    stealerarkei

  • suricata: ET MALWARE Win32/Vidar Variant/Mars Stealer CnC Exfil

    suricata: ET MALWARE Win32/Vidar Variant/Mars Stealer CnC Exfil

    suricata

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2