hawkeye_reborn | 321e95575df9f4ca9858be38ee35156773aba82f4f57b0b4539a561f1e3fa95d | Triage

Submit
Reports

Overview

overview

Static

static

321e95575d...5d.exe

windows7_x64

9

321e95575d...5d.exe

windows10-2004_x64

4

Sharing

General

Target

321e95575df9f4ca9858be38ee35156773aba82f4f57b0b4539a561f1e3fa95d
Size

552KB
Sample

220222-gnpqfsdcd9
MD5

0cd71e952a86a50e14556e70201e39d6
SHA1

47c78e13cd8b8225e53032ae21e63763f9f642c7
SHA256

321e95575df9f4ca9858be38ee35156773aba82f4f57b0b4539a561f1e3fa95d
SHA512

11edf1184644fb8f12f356bacdec13d0979d2b4345aec7e5843197621d189108ebb4d812677eb60a7f8d99ee6ef139927f9e47900226f7f2e4382c06f76262ef

Score

10^/10

hawkeye_reborn m00nd3v_logger collection

Static task

static1

m00nd3v_logger hawkeye_reborn

Behavioral task

behavioral1

Sample

321e95575df9f4ca9858be38ee35156773aba82f4f57b0b4539a561f1e3fa95d.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

321e95575df9f4ca9858be38ee35156773aba82f4f57b0b4539a561f1e3fa95d.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

hawkeye_reborn

Attributes

fields
name

Targets

- Target
  
  321e95575df9f4ca9858be38ee35156773aba82f4f57b0b4539a561f1e3fa95d
- Size
  
  552KB
- MD5
  
  0cd71e952a86a50e14556e70201e39d6
- SHA1
  
  47c78e13cd8b8225e53032ae21e63763f9f642c7
- SHA256
  
  321e95575df9f4ca9858be38ee35156773aba82f4f57b0b4539a561f1e3fa95d
- SHA512
  
  11edf1184644fb8f12f356bacdec13d0979d2b4345aec7e5843197621d189108ebb4d812677eb60a7f8d99ee6ef139927f9e47900226f7f2e4382c06f76262ef
Score

9^/10

collection
- NirSoft MailPassView
  Password recovery tool for various email clients
- NirSoft WebBrowserPassView
  Password recovery tool for various web browsers
- Nirsoft
- Uses the VBS compiler for execution
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

m00nd3v_loggerhawkeye_reborn

behavioral1

behavioral2

© 2018-2024

Terms | Privacy