arkei | 7f69477ead7673b1b8f21aad774ab5894330802588d53bad045442e53a580657

Analysis

max time kernel
127s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
05/11/2023, 00:11

Target

2940-0-0x0000000000400000-0x000000000043D000-memory.exe
Size

244KB
MD5

177b8d6960bbfdc3a281c0abb9abcf03
SHA1

23ee311fb5da37543d9eed6f20208d995f06773f
SHA256

7f69477ead7673b1b8f21aad774ab5894330802588d53bad045442e53a580657
SHA512

4e46cd7dd2b3e6e152da7bee1a7aa8f3465776698e4d48f660264ff07851a41c64645075f5ac3621f9160898fc394b83f92029c0eb0370c7f3cc31110a71d45d
SSDEEP

1536:UYz/E8hW9NdYAygNlvhIoOl9SAKD7PNch1ZmmImh1ADN8blGe5SagvHLNaV8bJ3n:Um/E8k9ZjpIL+zNch12KbAwSaSzJSp8

Score

10^/10

arkei stealer

Program crash 1 IoCs

pid	pid_target	Process	procid_target
888	220	WerFault.exe	84

C:\Users\Admin\AppData\Local\Temp\2940-0-0x0000000000400000-0x000000000043D000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\2940-0-0x0000000000400000-0x000000000043D000-memory.exe"
1⤵
PID:220
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 220 -s 216
  2⤵
  - Program crash
  PID:888

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 220 -ip 220
1⤵
PID:1832

memory/220-0-0x0000000000400000-0x000000000043D000-memory.dmp

Filesize
244KB

Download