hawkeye_reborn | b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811 | Triage

Submit
Reports

Overview

overview

Static

static

b3e74c6905...11.exe

windows7_x64

9

b3e74c6905...11.exe

windows10-2004_x64

1

Sharing

General

Target

b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811
Size

552KB
Sample

220311-1lbklaeeep
MD5

c514aa2734caaed67ec3164823482df8
SHA1

b98c1b7ade50b3337eee9ab0425e5d9b07f7f3cd
SHA256

b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811
SHA512

cbe028f578e5a7c6b51638f45f04444063acae039bb2b0e1046e03ad1f73118a96b548d6fdc1c3b8961f6f811427b0b77a9a66a531a2eed0ca23f9b8d7c0e6b5

Score

10^/10

hawkeye_reborn m00nd3v_logger collection infostealer

Static task

static1

infostealer m00nd3v_logger hawkeye_reborn

Behavioral task

behavioral1

Sample

b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811.exe

Resource

win7-20220311-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

hawkeye_reborn

Attributes

fields
name

Targets

- Target
  
  b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811
- Size
  
  552KB
- MD5
  
  c514aa2734caaed67ec3164823482df8
- SHA1
  
  b98c1b7ade50b3337eee9ab0425e5d9b07f7f3cd
- SHA256
  
  b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811
- SHA512
  
  cbe028f578e5a7c6b51638f45f04444063acae039bb2b0e1046e03ad1f73118a96b548d6fdc1c3b8961f6f811427b0b77a9a66a531a2eed0ca23f9b8d7c0e6b5
Score

9^/10

collection
- NirSoft MailPassView
  Password recovery tool for various email clients
- NirSoft WebBrowserPassView
  Password recovery tool for various web browsers
- Nirsoft
- Uses the VBS compiler for execution
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

infostealerm00nd3v_loggerhawkeye_reborn

behavioral1

behavioral2

© 2018-2024

Terms | Privacy