arkei | 01d8c4d08e555c8ea87b3b227c9ddb1a7092f56787d429c71c11589a422bbee6 | Triage

Sharing

General

Target

01d8c4d08e555c8ea87b3b227c9ddb1a7092f56787d429c71c11589a422bbee6
Size

840KB
Sample

220523-wagj9ahed4
MD5

adedd222b98f6677ac30ccc81c38954b
SHA1

1477164ec83772104e90ddda0f882283a002990f
SHA256

01d8c4d08e555c8ea87b3b227c9ddb1a7092f56787d429c71c11589a422bbee6
SHA512

085aeadd6d15025ec4e508cbcdfeb5c10b7c524510d8a4760a6d7214e57e71c8272b1071ca286f50a1dbe1abd39bf6c801365be5f6660133ccf9a9d091e98663

Score

10^/10

arkei default stealer suricata

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://timebound.ug/pps.ps1

Extracted

Family

arkei

Botnet

Default

Targets

- Target
  
  01d8c4d08e555c8ea87b3b227c9ddb1a7092f56787d429c71c11589a422bbee6
- Size
  
  840KB
- MD5
  
  adedd222b98f6677ac30ccc81c38954b
- SHA1
  
  1477164ec83772104e90ddda0f882283a002990f
- SHA256
  
  01d8c4d08e555c8ea87b3b227c9ddb1a7092f56787d429c71c11589a422bbee6
- SHA512
  
  085aeadd6d15025ec4e508cbcdfeb5c10b7c524510d8a4760a6d7214e57e71c8272b1071ca286f50a1dbe1abd39bf6c801365be5f6660133ccf9a9d091e98663
Score

10^/10

arkei default stealer suricata
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- suricata: ET MALWARE Windows executable base64 encoded
  suricata: ET MALWARE Windows executable base64 encoded
  suricata
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

arkeidefaultstealersuricata

behavioral2

arkeistealersuricata