arkei

General

Target

58439dcc59f801b60ab3fda64fd1a5e3ae1a0de95dec6abff06e047603187ea1.zip
Size

120KB
Sample

240724-pmgx8ayenf
MD5

c04533662d0b6566033422bd6f00490c
SHA1

7a15e933dc2d795e7ac551f14be68f807fc04e29
SHA256

99ae284534c8928e33330aa2c20dfa8445dc8189dbabff80cabf8606609d3afd
SHA512

246ba499b95cb7ef3ef93c522c41cb37a2ba8ed6d204b14e5fb81ed8239d91e074bd159685d95cb7523bf8ce757239d7503802a940e63863428195932fe94806
SSDEEP

3072:EeZWVUvEUzYf0oRwTqLMQ4baYpcPm8SUCuytn9amJt:EeZ78QYf0ewmLMRaYieUFyt9amX

Score

10^/10

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

coin-file-file-19.com/tratata.php

Targets

- Target
  
  58439dcc59f801b60ab3fda64fd1a5e3ae1a0de95dec6abff06e047603187ea1.exe
- Size
  
  267KB
- MD5
  
  78e2c97b3c64d2ca616d66d01182905f
- SHA1
  
  b124245b6716dacbbf84e1aede6b2854a5a8e8ca
- SHA256
  
  58439dcc59f801b60ab3fda64fd1a5e3ae1a0de95dec6abff06e047603187ea1
- SHA512
  
  30ba7b76a83a1f9a3eff3d7e536e152957db5670f0907d894b777f42098e5e30bb3d79e13dcf2e6a535626890cda983162202e3e022fd3a59a97039c36fd6b30
- SSDEEP
  
  3072:vsKwyFGOjBfvmRGEmRsGtgGqBXtdi6305UKvwUGCH:004iBGRGXOGqkUUC
Score

10^/10

arkei default aspackv2 discovery stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.