General
-
Target
72e3b4487e1d97fd5edc8a881962fcccbb0cd5f11efd924dfd06e5112209e2fe
-
Size
553KB
-
Sample
220310-a9ghmsfagr
-
MD5
13feab221a5ff3711a8e9b3a35421005
-
SHA1
3722ad326e01ab3b3e9aa84d82a8ea8225924e4b
-
SHA256
72e3b4487e1d97fd5edc8a881962fcccbb0cd5f11efd924dfd06e5112209e2fe
-
SHA512
ea2ddf299341657806f233c0d7ef938b6f918d45ed8384c90634472ab1bda894cfa3d6019be0b97b3e01a69f8ccd427fccde826df0c7838392336c4a43a85c6f
Static task
static1
Behavioral task
behavioral1
Sample
72e3b4487e1d97fd5edc8a881962fcccbb0cd5f11efd924dfd06e5112209e2fe.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
72e3b4487e1d97fd5edc8a881962fcccbb0cd5f11efd924dfd06e5112209e2fe.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
hawkeye_reborn
- fields
- name
Targets
-
-
Target
72e3b4487e1d97fd5edc8a881962fcccbb0cd5f11efd924dfd06e5112209e2fe
Score
9/10
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-