General
-
Target
Purchase Order PO-004276 dated 15042020 for EASTERN GUIDE ELECTRONICS PTE LTD.exe
-
Size
797KB
-
Sample
200416-zj4a2an6ps
-
MD5
505264e67b6787fedea83f9e991af967
-
SHA1
710f8b8cef9c23ca3a2e9a73ed77efad9b2dc417
-
SHA256
ea20eb1a2d508640fc12743bce90d5ce169ea87fd394a701359429498aef934c
-
SHA512
e75326df6e359362ec78d8c4ca175aeea475c0a2cad3d4437cf99ecc61c84854dbdee4e96fb46690724da700970f690faf316cd74785c9c99fb7f691ba6c517c
Static task
static1
Behavioral task
behavioral1
Sample
Purchase Order PO-004276 dated 15042020 for EASTERN GUIDE ELECTRONICS PTE LTD.exe
Resource
win7v200410
Behavioral task
behavioral2
Sample
Purchase Order PO-004276 dated 15042020 for EASTERN GUIDE ELECTRONICS PTE LTD.exe
Resource
win10v200410
Malware Config
Targets
-
Target
Purchase Order PO-004276 dated 15042020 for EASTERN GUIDE ELECTRONICS PTE LTD.exe
-
Score
10/10
-
HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-