arkei | bb480c7f0a06216549275d1dee70f63948bdf81d3ab605eb799b72c243158b52

Submit
Reports

Overview

overview

Static

static

MarsSample...d3.exe

windows7_x64

MarsSample...d3.exe

windows10-2004_x64

MarsSample...f4.exe

windows7_x64

MarsSample...f4.exe

windows10-2004_x64

MarsSample...3e.exe

windows7_x64

MarsSample...3e.exe

windows10-2004_x64

MarsSample...84.exe

windows7_x64

MarsSample...84.exe

windows10-2004_x64

MarsSample...1e.exe

windows7_x64

MarsSample...1e.exe

windows10-2004_x64

MarsSample...33.exe

windows7_x64

MarsSample...33.exe

windows10-2004_x64

MarsSample...10.exe

windows7_x64

MarsSample...10.exe

windows10-2004_x64

MarsSample...9a.exe

windows7_x64

MarsSample...9a.exe

windows10-2004_x64

MarsSample...f6.exe

windows7_x64

MarsSample...f6.exe

windows10-2004_x64

MarsSample...03.exe

windows7_x64

MarsSample...03.exe

windows10-2004_x64

MarsSample...a5.exe

windows7_x64

MarsSample...a5.exe

windows10-2004_x64

MarsSample...14.exe

windows7_x64

MarsSample...14.exe

windows10-2004_x64

MarsSample...fe.exe

windows7_x64

MarsSample...fe.exe

windows10-2004_x64

MarsSample...e7.exe

windows7_x64

MarsSample...e7.exe

windows10-2004_x64

MarsSample...75.exe

windows7_x64

MarsSample...75.exe

windows10-2004_x64

MarsSample...00.exe

windows7_x64

MarsSample...00.exe

windows10-2004_x64

Analysis

max time kernel
150s
max time network
156s
platform
windows7_x64
resource
win7-20220414-en
submitted
20-05-2022 20:03

Sharing

Copy URL

Twitter E-mail

Static task

static1

default arkei

Behavioral task

behavioral1

Sample

MarsSamples/6d1365e37040955a395c3c0cdec2fd338f77d6067c0716858a9451de786219d3.exe

Resource

win7-20220414-en

arkei default spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

MarsSamples/6d1365e37040955a395c3c0cdec2fd338f77d6067c0716858a9451de786219d3.exe

Resource

win10v2004-20220414-en

arkei default spyware stealer suricata

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

MarsSamples/70afcf1b0507e851f3a9ac434129fce707de39ebb8e09a956d2d41e065d409f4.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

MarsSamples/70afcf1b0507e851f3a9ac434129fce707de39ebb8e09a956d2d41e065d409f4.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

MarsSamples/771c829087e13220bf66aba98879059fecd2de0774900fabd043f495a2c9f63e.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

MarsSamples/771c829087e13220bf66aba98879059fecd2de0774900fabd043f495a2c9f63e.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

MarsSamples/813b776096fefc9a314814fc0a79019e50268ab598dd7257fc5f3cc438191d84.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

MarsSamples/813b776096fefc9a314814fc0a79019e50268ab598dd7257fc5f3cc438191d84.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

MarsSamples/8c192fb5bff179a874a8c484e748fd18b722840278848d9e0ff9f388fc528e1e.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

MarsSamples/8c192fb5bff179a874a8c484e748fd18b722840278848d9e0ff9f388fc528e1e.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

MarsSamples/90486182025452ef6411fb51aec3f3ad46e0dac44b17fa84e5421adeeddbf833.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

MarsSamples/90486182025452ef6411fb51aec3f3ad46e0dac44b17fa84e5421adeeddbf833.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

MarsSamples/9699bee0ae268555ceb77a02522f568229233284c9eb698209c03b05b1304b10.exe

Resource

win7-20220414-en

arkei default discovery spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

MarsSamples/9699bee0ae268555ceb77a02522f568229233284c9eb698209c03b05b1304b10.exe

Resource

win10v2004-20220414-en

arkei default discovery spyware stealer suricata

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

MarsSamples/97121634e7eda9ea36ad75a3094f55803b1bf2d76e5a048ec1baa32efeea3d9a.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

MarsSamples/97121634e7eda9ea36ad75a3094f55803b1bf2d76e5a048ec1baa32efeea3d9a.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

MarsSamples/97eaa5a789cfd6a823ac97af840d0df2b033a876addcb52aabea4ee65a37dbf6.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

MarsSamples/97eaa5a789cfd6a823ac97af840d0df2b033a876addcb52aabea4ee65a37dbf6.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

MarsSamples/a564b6f55800989a8be0754dafd3bacd266f6a01c46dfa84b39b9951cd589f03.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

MarsSamples/a564b6f55800989a8be0754dafd3bacd266f6a01c46dfa84b39b9951cd589f03.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

MarsSamples/a56fcfef8acfc51cdae41833d90e4b11b61aa151fddc5ecb31d197bcd2c27da5.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

MarsSamples/a56fcfef8acfc51cdae41833d90e4b11b61aa151fddc5ecb31d197bcd2c27da5.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

MarsSamples/b09cc2593ffab58f1f4efe7819e5a8706e3e820e1b129f30f465866a26562a14.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

MarsSamples/b09cc2593ffab58f1f4efe7819e5a8706e3e820e1b129f30f465866a26562a14.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

MarsSamples/b1b0be300d85d98bc103a1eae4993bbf848b339ec9240ca3799f5d1786d5bafe.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

MarsSamples/b1b0be300d85d98bc103a1eae4993bbf848b339ec9240ca3799f5d1786d5bafe.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

MarsSamples/b318801ed5926156ce9440f49851b0cc0dd8e3178f1581b98257148bf2c223e7.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

MarsSamples/b318801ed5926156ce9440f49851b0cc0dd8e3178f1581b98257148bf2c223e7.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

MarsSamples/b3ba3e17aea3cf91ad56fb400f47d8a20e3d442706e86b6844699f4bfcda9275.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

MarsSamples/b3ba3e17aea3cf91ad56fb400f47d8a20e3d442706e86b6844699f4bfcda9275.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

MarsSamples/baea9f80f8c646c5d267ee930f2fc4877066fbf1f8241436ef7be984c4de9500.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

MarsSamples/baea9f80f8c646c5d267ee930f2fc4877066fbf1f8241436ef7be984c4de9500.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

MarsSamples/97eaa5a789cfd6a823ac97af840d0df2b033a876addcb52aabea4ee65a37dbf6.exe
Size

159KB
MD5

e6ccc89ec856f6adc6eb84e3bc00a08a
SHA1

ff1330dbac4312dfbe8e6293af267f08a4175827
SHA256

97eaa5a789cfd6a823ac97af840d0df2b033a876addcb52aabea4ee65a37dbf6
SHA512

0d8b88fd6e0227c9593aa4bddd980a122c1ddb5095618d3212931a8e96ca26e3e6c1ff7834f98de80b43c3518e0fdc3459a10098fbd8ad66b2d6f6c39732c2bc

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Processes

C:\Users\Admin\AppData\Local\Temp\MarsSamples\97eaa5a789cfd6a823ac97af840d0df2b033a876addcb52aabea4ee65a37dbf6.exe
"C:\Users\Admin\AppData\Local\Temp\MarsSamples\97eaa5a789cfd6a823ac97af840d0df2b033a876addcb52aabea4ee65a37dbf6.exe"
1⤵
PID:1808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1808-54-0x0000000075BD1000-0x0000000075BD3000-memory.dmp

Filesize
8KB

Download
memory/1808-55-0x0000000000400000-0x000000000043D000-memory.dmp

Filesize
244KB

Download