arkei | 02171ebc5460c825e2ce04b9464750554d73a999c0961e3c63422ed7a4af4b09

Analysis

max time kernel
93s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
22-12-2023 15:20

Target

d8345c0a9a3423e6cedc578315860241.exe
Size

209KB
MD5

d8345c0a9a3423e6cedc578315860241
SHA1

df670734aee656a4035e4b1acc11ce337b385058
SHA256

02171ebc5460c825e2ce04b9464750554d73a999c0961e3c63422ed7a4af4b09
SHA512

6ea9ac039170999646ce85ccece1893c4a149f9f0372108ee4505edd4fe529b00c37bd44012c8b5ac6a2726f132a1573eee4f07c6cfc4320af4a64d4de91ccdb
SSDEEP

3072:hexdpLh1gyL5iODl+yvM0GJAAFUVwCQphYS5FexMbW4Xgs9ENPGdwDYTuKJIX:0x/Lh13rJ+WMoAFmwRexMCwFMGd7TuK

Score

10^/10

arkei stealer

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3644	1016	WerFault.exe	58

C:\Users\Admin\AppData\Local\Temp\d8345c0a9a3423e6cedc578315860241.exe
"C:\Users\Admin\AppData\Local\Temp\d8345c0a9a3423e6cedc578315860241.exe"
1⤵
PID:1016
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1016 -s 556
  2⤵
  - Program crash
  PID:3644

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 480 -p 1016 -ip 1016
1⤵
PID:3024

memory/1016-1-0x0000000002460000-0x0000000002560000-memory.dmp

Filesize
1024KB

Download
memory/1016-2-0x0000000002400000-0x0000000002419000-memory.dmp

Filesize
100KB

Download
memory/1016-3-0x0000000000400000-0x0000000002152000-memory.dmp

Filesize
29.3MB

Download
memory/1016-5-0x0000000000400000-0x0000000002152000-memory.dmp

Filesize
29.3MB

Download