hawkeye_reborn | ea20eb1a2d508640fc12743bce90d5ce169ea87fd394a701359429498aef934c | Triage

Submit
Reports

Overview

overview

Static

static

Purchase O...TD.exe

windows7_x64

Purchase O...TD.exe

windows10_x64

Sharing

General

Target

Purchase Order PO-004276 dated 15042020 for EASTERN GUIDE ELECTRONICS PTE LTD.exe
Size

797KB
Sample

200416-zj4a2an6ps
MD5

505264e67b6787fedea83f9e991af967
SHA1

710f8b8cef9c23ca3a2e9a73ed77efad9b2dc417
SHA256

ea20eb1a2d508640fc12743bce90d5ce169ea87fd394a701359429498aef934c
SHA512

e75326df6e359362ec78d8c4ca175aeea475c0a2cad3d4437cf99ecc61c84854dbdee4e96fb46690724da700970f690faf316cd74785c9c99fb7f691ba6c517c

Score

10^/10

hawkeye_reborn keylogger spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Purchase Order PO-004276 dated 15042020 for EASTERN GUIDE ELECTRONICS PTE LTD.exe

Resource

win7v200410

keylogger trojan stealer spyware hawkeye_reborn

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Purchase Order PO-004276 dated 15042020 for EASTERN GUIDE ELECTRONICS PTE LTD.exe

Resource

win10v200410

keylogger trojan stealer spyware hawkeye_reborn

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Purchase Order PO-004276 dated 15042020 for EASTERN GUIDE ELECTRONICS PTE LTD.exe
- Size
  
  797KB
- MD5
  
  505264e67b6787fedea83f9e991af967
- SHA1
  
  710f8b8cef9c23ca3a2e9a73ed77efad9b2dc417
- SHA256
  
  ea20eb1a2d508640fc12743bce90d5ce169ea87fd394a701359429498aef934c
- SHA512
  
  e75326df6e359362ec78d8c4ca175aeea475c0a2cad3d4437cf99ecc61c84854dbdee4e96fb46690724da700970f690faf316cd74785c9c99fb7f691ba6c517c
Score

10^/10

keylogger trojan stealer spyware hawkeye_reborn
- HawkEye Reborn
  HawkEye Reborn is an enhanced version of the HawkEye malware kit.
  keylogger trojan stealer spyware hawkeye_reborn
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

keyloggertrojanstealerspywarehawkeye_reborn

behavioral2

keyloggertrojanstealerspywarehawkeye_reborn

© 2018-2024

Terms | Privacy