General
-
Target
NEW PURCHASE ORDER LISTED ITEMS HQ-61184 - AEM - SG pdf.exe
-
Size
905KB
-
Sample
200301-rsjk74491j
-
MD5
5ef872eb756c58433cc665e5f64ccab7
-
SHA1
a6f485c33e5e782de687012a0cc64369b1c0ee79
-
SHA256
5d02ec68475acc04cf84886b20979f34a5432e0faf272bb5bcb79e7d041f5f91
-
SHA512
2af90214e7d58d8bb56c9d5d4fe950ce7bdaa95568139532e47eae5deabce5cc59a199d6af7b4dfef7a134b7e34e5c992018ad6f26e0764800a31cacf95f7276
Static task
static1
Behavioral task
behavioral1
Sample
NEW PURCHASE ORDER LISTED ITEMS HQ-61184 - AEM - SG pdf.exe
Resource
win7v200217
Behavioral task
behavioral2
Sample
NEW PURCHASE ORDER LISTED ITEMS HQ-61184 - AEM - SG pdf.exe
Resource
win10v200217
Malware Config
Targets
-
-
Target
NEW PURCHASE ORDER LISTED ITEMS HQ-61184 - AEM - SG pdf.exe
Score
10/10
-
HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.
-
Uses the VBS compiler for execution
-
Reads browser user data or profiles (possible credential harvesting)
-
Suspicious use of SetThreadContext
-