General
Target: INV1.exe
Size: 2.4MB
Sample: 200301-v8a5me1xjs
MD5: 0d4d52901a4cb69ba79e116f0db9de72
SHA1: 47c90b1490f7b3523490794951f3fa79a4114c91
SHA256: dec757dc1c2b7722acf90fb43dac3e8e7052fa4c4a3c7c53126d93af5013ab2c
SHA512: 9947dcd78c31ef1bfa0cdcf821179426b461d0706b967a50a43bb19e13cd73ccaccb7f6a041a9ce00585a9371984ed7ed0409dfae0041f5d875698210a930f76
Static task: static1
Behavioral task: behavioral1
Sample: INV1.exe
Resource: win7v200217
Behavioral task: behavioral2
Sample: INV1.exe
Resource: win10v200217
Malware Config
Targets
Target: INV1.exe
Score: 10/10
HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.
Deletes itself
Drops startup file
Uses the VBS compiler for execution
Reads browser user data or profiles (possible credential harvesting)
Suspicious use of SetThreadContext