arkei | bb480c7f0a06216549275d1dee70f63948bdf81d3ab605eb799b72c243158b52

Submit
Reports

Overview

overview

Static

static

MarsSample...d3.exe

windows7_x64

MarsSample...d3.exe

windows10-2004_x64

MarsSample...f4.exe

windows7_x64

MarsSample...f4.exe

windows10-2004_x64

MarsSample...3e.exe

windows7_x64

MarsSample...3e.exe

windows10-2004_x64

MarsSample...84.exe

windows7_x64

MarsSample...84.exe

windows10-2004_x64

MarsSample...1e.exe

windows7_x64

MarsSample...1e.exe

windows10-2004_x64

MarsSample...33.exe

windows7_x64

MarsSample...33.exe

windows10-2004_x64

MarsSample...10.exe

windows7_x64

MarsSample...10.exe

windows10-2004_x64

MarsSample...9a.exe

windows7_x64

MarsSample...9a.exe

windows10-2004_x64

MarsSample...f6.exe

windows7_x64

MarsSample...f6.exe

windows10-2004_x64

MarsSample...03.exe

windows7_x64

MarsSample...03.exe

windows10-2004_x64

MarsSample...a5.exe

windows7_x64

MarsSample...a5.exe

windows10-2004_x64

MarsSample...14.exe

windows7_x64

MarsSample...14.exe

windows10-2004_x64

MarsSample...fe.exe

windows7_x64

MarsSample...fe.exe

windows10-2004_x64

MarsSample...e7.exe

windows7_x64

MarsSample...e7.exe

windows10-2004_x64

MarsSample...75.exe

windows7_x64

MarsSample...75.exe

windows10-2004_x64

MarsSample...00.exe

windows7_x64

MarsSample...00.exe

windows10-2004_x64

Analysis

max time kernel
138s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
20-05-2022 20:03

Sharing

Copy URL

Twitter E-mail

Static task

static1

default arkei

Behavioral task

behavioral1

Sample

MarsSamples/6d1365e37040955a395c3c0cdec2fd338f77d6067c0716858a9451de786219d3.exe

Resource

win7-20220414-en

arkei default spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

MarsSamples/6d1365e37040955a395c3c0cdec2fd338f77d6067c0716858a9451de786219d3.exe

Resource

win10v2004-20220414-en

arkei default spyware stealer suricata

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

MarsSamples/70afcf1b0507e851f3a9ac434129fce707de39ebb8e09a956d2d41e065d409f4.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

MarsSamples/70afcf1b0507e851f3a9ac434129fce707de39ebb8e09a956d2d41e065d409f4.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

MarsSamples/771c829087e13220bf66aba98879059fecd2de0774900fabd043f495a2c9f63e.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

MarsSamples/771c829087e13220bf66aba98879059fecd2de0774900fabd043f495a2c9f63e.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

MarsSamples/813b776096fefc9a314814fc0a79019e50268ab598dd7257fc5f3cc438191d84.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

MarsSamples/813b776096fefc9a314814fc0a79019e50268ab598dd7257fc5f3cc438191d84.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

MarsSamples/8c192fb5bff179a874a8c484e748fd18b722840278848d9e0ff9f388fc528e1e.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

MarsSamples/8c192fb5bff179a874a8c484e748fd18b722840278848d9e0ff9f388fc528e1e.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

MarsSamples/90486182025452ef6411fb51aec3f3ad46e0dac44b17fa84e5421adeeddbf833.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

MarsSamples/90486182025452ef6411fb51aec3f3ad46e0dac44b17fa84e5421adeeddbf833.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

MarsSamples/9699bee0ae268555ceb77a02522f568229233284c9eb698209c03b05b1304b10.exe

Resource

win7-20220414-en

arkei default discovery spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

MarsSamples/9699bee0ae268555ceb77a02522f568229233284c9eb698209c03b05b1304b10.exe

Resource

win10v2004-20220414-en

arkei default discovery spyware stealer suricata

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

MarsSamples/97121634e7eda9ea36ad75a3094f55803b1bf2d76e5a048ec1baa32efeea3d9a.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

MarsSamples/97121634e7eda9ea36ad75a3094f55803b1bf2d76e5a048ec1baa32efeea3d9a.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

MarsSamples/97eaa5a789cfd6a823ac97af840d0df2b033a876addcb52aabea4ee65a37dbf6.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

MarsSamples/97eaa5a789cfd6a823ac97af840d0df2b033a876addcb52aabea4ee65a37dbf6.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

MarsSamples/a564b6f55800989a8be0754dafd3bacd266f6a01c46dfa84b39b9951cd589f03.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

MarsSamples/a564b6f55800989a8be0754dafd3bacd266f6a01c46dfa84b39b9951cd589f03.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

MarsSamples/a56fcfef8acfc51cdae41833d90e4b11b61aa151fddc5ecb31d197bcd2c27da5.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

MarsSamples/a56fcfef8acfc51cdae41833d90e4b11b61aa151fddc5ecb31d197bcd2c27da5.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

MarsSamples/b09cc2593ffab58f1f4efe7819e5a8706e3e820e1b129f30f465866a26562a14.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

MarsSamples/b09cc2593ffab58f1f4efe7819e5a8706e3e820e1b129f30f465866a26562a14.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

MarsSamples/b1b0be300d85d98bc103a1eae4993bbf848b339ec9240ca3799f5d1786d5bafe.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

MarsSamples/b1b0be300d85d98bc103a1eae4993bbf848b339ec9240ca3799f5d1786d5bafe.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

MarsSamples/b318801ed5926156ce9440f49851b0cc0dd8e3178f1581b98257148bf2c223e7.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

MarsSamples/b318801ed5926156ce9440f49851b0cc0dd8e3178f1581b98257148bf2c223e7.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

MarsSamples/b3ba3e17aea3cf91ad56fb400f47d8a20e3d442706e86b6844699f4bfcda9275.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

MarsSamples/b3ba3e17aea3cf91ad56fb400f47d8a20e3d442706e86b6844699f4bfcda9275.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

MarsSamples/baea9f80f8c646c5d267ee930f2fc4877066fbf1f8241436ef7be984c4de9500.exe

Resource

win7-20220414-en

arkei default stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

MarsSamples/baea9f80f8c646c5d267ee930f2fc4877066fbf1f8241436ef7be984c4de9500.exe

Resource

win10v2004-20220414-en

arkei default stealer

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

MarsSamples/a56fcfef8acfc51cdae41833d90e4b11b61aa151fddc5ecb31d197bcd2c27da5.exe
Size

159KB
MD5

949fdececdb546d6a6fd04fa0c18a47d
SHA1

6bc571e10bb6df3831fb1f87c40772f4892a276d
SHA256

a56fcfef8acfc51cdae41833d90e4b11b61aa151fddc5ecb31d197bcd2c27da5
SHA512

772bdfe5ba5919a6abf37f078be4b91e71bb07de91a39ba871b531f6f97d74e0e6be4a78011999001c0a5f832dcdadf4839a87ccee22fbdeeac627059412d231

Score

10^/10

arkei default stealer

Malware Config

Extracted

Family

arkei

Botnet

Default

Signatures

Arkei
Arkei is an infostealer written in C++.
stealer arkei

Processes

C:\Users\Admin\AppData\Local\Temp\MarsSamples\a56fcfef8acfc51cdae41833d90e4b11b61aa151fddc5ecb31d197bcd2c27da5.exe
"C:\Users\Admin\AppData\Local\Temp\MarsSamples\a56fcfef8acfc51cdae41833d90e4b11b61aa151fddc5ecb31d197bcd2c27da5.exe"
1⤵
PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1720-130-0x0000000000400000-0x000000000043D000-memory.dmp

Filesize
244KB

Download