arkei | ec0e3f40d7c60b705623b9d743de671aeab07ffbca5ee7c4646d6e30fe8d7546 | Triage

Sharing

General

Target

ca29ff3eb553c5995a5cbb358e18fd20_JaffaCakes118
Size

107KB
Sample

241206-ax7t3awrbj
MD5

ca29ff3eb553c5995a5cbb358e18fd20
SHA1

7a3f4cf9875cb230aea1575f117ed8c77000e511
SHA256

ec0e3f40d7c60b705623b9d743de671aeab07ffbca5ee7c4646d6e30fe8d7546
SHA512

e81a3c70a17ac7610df5ea056a56fb3e65fe51721dee8f2a962d840fc50ea4eca815b11fc5d07d2246cf32d555340ac1156131c7cb3e346f7e1866cacc53b5a0
SSDEEP

3072:U96xNOZ+EYq8klcPMxtoSzEphwPgKWE6HAj:U9uOdBjoSzEpYzEu

Score

10^/10

arkei discovery stealer

Malware Config

Extracted

Family

arkei

C2

95.181.157.6/G7yb65MmI9.php

Targets

- Target
  
  ca29ff3eb553c5995a5cbb358e18fd20_JaffaCakes118
- Size
  
  107KB
- MD5
  
  ca29ff3eb553c5995a5cbb358e18fd20
- SHA1
  
  7a3f4cf9875cb230aea1575f117ed8c77000e511
- SHA256
  
  ec0e3f40d7c60b705623b9d743de671aeab07ffbca5ee7c4646d6e30fe8d7546
- SHA512
  
  e81a3c70a17ac7610df5ea056a56fb3e65fe51721dee8f2a962d840fc50ea4eca815b11fc5d07d2246cf32d555340ac1156131c7cb3e346f7e1866cacc53b5a0
- SSDEEP
  
  3072:U96xNOZ+EYq8klcPMxtoSzEphwPgKWE6HAj:U9uOdBjoSzEpYzEu
Score

10^/10

discovery arkei stealer
- Arkei
  Arkei is an infostealer written in C++.
  stealer arkei
- Arkei family
  arkei
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

arkeidiscoverystealer