General
-
Target
00eb48e443448ac6917516a168fd3f98e8a04bd09115130f248f6fe672b260b7
-
Size
552KB
-
Sample
220223-bwz89shfej
-
MD5
d76cb6621435ae9a51e621c5d4ad25ff
-
SHA1
9a28744b6b132c8b7a6e7ff329cf9d422fac5644
-
SHA256
00eb48e443448ac6917516a168fd3f98e8a04bd09115130f248f6fe672b260b7
-
SHA512
b9c4fc33a93a36af1bf5a4d76983234e589af2a9515b885797cdf99d8cdfe5d870b06268f4c30de9ba40695a6f6ef4f9db9c16e95d4af2811c18a750d70b5537
Static task
static1
Behavioral task
behavioral1
Sample
00eb48e443448ac6917516a168fd3f98e8a04bd09115130f248f6fe672b260b7.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
00eb48e443448ac6917516a168fd3f98e8a04bd09115130f248f6fe672b260b7.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
hawkeye_reborn
- fields
- name
Targets
-
-
Target
00eb48e443448ac6917516a168fd3f98e8a04bd09115130f248f6fe672b260b7
-
Size
552KB
-
MD5
d76cb6621435ae9a51e621c5d4ad25ff
-
SHA1
9a28744b6b132c8b7a6e7ff329cf9d422fac5644
-
SHA256
00eb48e443448ac6917516a168fd3f98e8a04bd09115130f248f6fe672b260b7
-
SHA512
b9c4fc33a93a36af1bf5a4d76983234e589af2a9515b885797cdf99d8cdfe5d870b06268f4c30de9ba40695a6f6ef4f9db9c16e95d4af2811c18a750d70b5537
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-