General

  • Target

    3c3156de49276bfcb908126759ea0f7e

  • Size

    1.1MB

  • Sample

    240101-ht7nwsdegp

  • MD5

    3c3156de49276bfcb908126759ea0f7e

  • SHA1

    3b580fa227336f11512e592c99040db279352e92

  • SHA256

    960a8b99ffcc13827dbf38256c81cf5b8a37e4308b526713445080d2b096fbc0

  • SHA512

    429ea2f4bd883144f730223e97085ab2dd646155efb668e446f836337937b9af1c2532ba4b04ce43040b9fbf2f4fe1c68c28fdc4c0b9ba300a396fed79e497b1

  • SSDEEP

    24576:3Ia4wNu3SaZYo+51mnW0Lj7oBj3bqoWVomcqBoG:351uCr10j7oBj3mLVlcqBo

Score
10/10

Malware Config

Extracted

Family

arkei

C2

185.241.52.252/qRdXmPWvrh.php

Targets

    • Target

      3c3156de49276bfcb908126759ea0f7e

    • Size

      1.1MB

    • MD5

      3c3156de49276bfcb908126759ea0f7e

    • SHA1

      3b580fa227336f11512e592c99040db279352e92

    • SHA256

      960a8b99ffcc13827dbf38256c81cf5b8a37e4308b526713445080d2b096fbc0

    • SHA512

      429ea2f4bd883144f730223e97085ab2dd646155efb668e446f836337937b9af1c2532ba4b04ce43040b9fbf2f4fe1c68c28fdc4c0b9ba300a396fed79e497b1

    • SSDEEP

      24576:3Ia4wNu3SaZYo+51mnW0Lj7oBj3bqoWVomcqBoG:351uCr10j7oBj3mLVlcqBo

    Score
    10/10
    • Arkei

      Arkei is an infostealer written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks