General
Target: H.bin
Size: 881KB
Sample: 200227-yw8wv17zl2
MD5: 3fe7d81139bd40361330a07f47bb99e1
SHA1: 391bc516fe8e1feae96fb3c7c31bcccec4fa20e6
SHA256: 4945a1a4f65271de23a99eaad0b4a08b472b2dcb60a60a5b06f26afad49da181
SHA512: f22e4e2fa6be336cd26fb46f9b7d9cc656670f6c8abf5283e1cd35e718a95a53145937adc70036fc7cf850234c9090b05a190bafd9ae2ad20d9bf8441103f63e
Static task: static1
Behavioral task: behavioral1
Sample: H.bin.exe
Resource: win7v200217
Behavioral task: behavioral2
Sample: H.bin.exe
Resource: win10v200217
Malware Config
Targets
Target: H.bin
Score: 10/10
HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.
Uses the VBS compiler for execution
Reads browser user data or profiles (possible credential harvesting)
Suspicious use of SetThreadContext