hawkeye_reborn | a66accde52c8f24dbd3d705a4babfee4015f547dc6f7a608cb6d37dd2930fccd | Triage

Sharing

General

Target

20BHcKSmefo7MFF.exe
Size

396KB
Sample

200527-qsxwcphkqx
MD5

f5714089e0fcf628ca4f885b24c5021a
SHA1

0405de4d982a3717948efab5e450c1d5d3cb4858
SHA256

a66accde52c8f24dbd3d705a4babfee4015f547dc6f7a608cb6d37dd2930fccd
SHA512

34e61ab8b440f897a6a39f21ae220ffa03ee3c4d4b2b2bbca9a1fdde8f51ba271f7b8c136434986644d5fb4749f0d2ab932379064d56b0d25786f2ad463ae660

Score

10^/10

hawkeye_reborn keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  20BHcKSmefo7MFF.exe
- Size
  
  396KB
- MD5
  
  f5714089e0fcf628ca4f885b24c5021a
- SHA1
  
  0405de4d982a3717948efab5e450c1d5d3cb4858
- SHA256
  
  a66accde52c8f24dbd3d705a4babfee4015f547dc6f7a608cb6d37dd2930fccd
- SHA512
  
  34e61ab8b440f897a6a39f21ae220ffa03ee3c4d4b2b2bbca9a1fdde8f51ba271f7b8c136434986644d5fb4749f0d2ab932379064d56b0d25786f2ad463ae660
Score

10^/10

keylogger trojan stealer spyware hawkeye_reborn
- HawkEye Reborn
  HawkEye Reborn is an enhanced version of the HawkEye malware kit.
  keylogger trojan stealer spyware hawkeye_reborn
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Scripting

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Scripting

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarekeyloggertrojanstealerhawkeye_reborn

behavioral2