arkei

General

Target

58439dcc59f801b60ab3fda64fd1a5e3ae1a0de95dec6abff06e047603187ea1.exe
Size

267KB
Sample

240725-dkr5maxhlg
MD5

78e2c97b3c64d2ca616d66d01182905f
SHA1

b124245b6716dacbbf84e1aede6b2854a5a8e8ca
SHA256

58439dcc59f801b60ab3fda64fd1a5e3ae1a0de95dec6abff06e047603187ea1
SHA512

30ba7b76a83a1f9a3eff3d7e536e152957db5670f0907d894b777f42098e5e30bb3d79e13dcf2e6a535626890cda983162202e3e022fd3a59a97039c36fd6b30
SSDEEP

3072:vsKwyFGOjBfvmRGEmRsGtgGqBXtdi6305UKvwUGCH:004iBGRGXOGqkUUC

Score

10^/10

Malware Config

Extracted

Family

arkei

Botnet

Default

C2

coin-file-file-19.com/tratata.php

Targets

- Target
  
  58439dcc59f801b60ab3fda64fd1a5e3ae1a0de95dec6abff06e047603187ea1.exe
- Size
  
  267KB
- MD5
  
  78e2c97b3c64d2ca616d66d01182905f
- SHA1
  
  b124245b6716dacbbf84e1aede6b2854a5a8e8ca
- SHA256
  
  58439dcc59f801b60ab3fda64fd1a5e3ae1a0de95dec6abff06e047603187ea1
- SHA512
  
  30ba7b76a83a1f9a3eff3d7e536e152957db5670f0907d894b777f42098e5e30bb3d79e13dcf2e6a535626890cda983162202e3e022fd3a59a97039c36fd6b30
- SSDEEP
  
  3072:vsKwyFGOjBfvmRGEmRsGtgGqBXtdi6305UKvwUGCH:004iBGRGXOGqkUUC
Score

10^/10

arkei default aspackv2 discovery stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

ASPack v2.12-2.42

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

We care about your privacy.