General
Target: 34209a4fd524cf3e04ddb98d4bcf1caa31e8395fb59e2b835d510009c4c1d35e
Size: 556KB
Sample: 220222-fscq1seaap
MD5: 6b985a83c7ab56fce81f4d2af6199137
SHA1: d5947f7bc0102627329b3396c05a5a88a7c571be
SHA256: 34209a4fd524cf3e04ddb98d4bcf1caa31e8395fb59e2b835d510009c4c1d35e
SHA512: b7e3453cc5d475e15599cb4e8a7e3e01e10a286bbdd79fe434fd5622791f22cba6acf4131f0a3c8c0d6ec76a64054764f482d947cdabd8bb17790bda379d9dae
Static task: static1
Behavioral task: behavioral1
Sample: 34209a4fd524cf3e04ddb98d4bcf1caa31e8395fb59e2b835d510009c4c1d35e.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 34209a4fd524cf3e04ddb98d4bcf1caa31e8395fb59e2b835d510009c4c1d35e.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
hawkeye_reborn
- fields
- name
Targets
Target: 34209a4fd524cf3e04ddb98d4bcf1caa31e8395fb59e2b835d510009c4c1d35e
Score: 9/10
NirSoft MailPassView: Password recovery tool for various email clients
NirSoft WebBrowserPassView: Password recovery tool for various web browsers
Nirsoft
Uses the VBS compiler for execution
Accesses Microsoft Outlook accounts
Suspicious use of SetThreadContext