General
Target: HSBC BANK LETTER.exe
Size: 722KB
Sample: 200415-dwddqntbhn
MD5: c9f3af24ebda7a1bcaa94dc81156cf45
SHA1: 14dff67f355616a09733afabff2cf836bf9ebe52
SHA256: 07236ee497bab6187ef9e5ea42f6a184a9bb32030b50d88f251a449b03890305
SHA512: 719cfafe427d48211d4364954ac40bc714409b8b7a1b84cac8c208491daeee47418f25dd18b94800330485ed764539e0c62360913f59a04d44f3f87605f22663
Static task: static1
Behavioral task: behavioral1
Sample: HSBC BANK LETTER.exe
Resource: win7v200410
Behavioral task: behavioral2
Sample: HSBC BANK LETTER.exe
Resource: win10v200410
Malware Config
Targets
Target: HSBC BANK LETTER.exe
Score: 10/10

HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext