General
-
Target
Notifikatiounsdokument 031020.exe
-
Size
1.9MB
-
Sample
200205-2py68krddx
-
MD5
d736500558975b57a94cb005746fd41d
-
SHA1
9cfc3e56480244c8da8ea991cd871d3a626752f4
-
SHA256
729bb1c1ef5a32944905a3a261cc1fcd9d3d3fd811ea78bf13c1db0c8fc79537
-
SHA512
5ec4646171951b3d0535a787d5526fc76da0c946c86c07bb2eb584439988a6751b403abd14ca9bf469761b37505e13141fc581513d6c1ae43340aa63f2045930
Task
task1
Sample
Notifikatiounsdokument 031020.exe
Resource
win7v191014
Task
task2
Sample
Notifikatiounsdokument 031020.exe
Resource
win10v191014
Malware Config
Targets
-
-
Target
Notifikatiounsdokument 031020.exe
-
Score
10/10
-
HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.
-
Uses the VBS compiler for execution
-
Reads browser user data or profiles (possible credential harvesting)
-
Suspicious use of SetThreadContext
-