General
-
Target
b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811
-
Size
552KB
-
Sample
220311-1lbklaeeep
-
MD5
c514aa2734caaed67ec3164823482df8
-
SHA1
b98c1b7ade50b3337eee9ab0425e5d9b07f7f3cd
-
SHA256
b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811
-
SHA512
cbe028f578e5a7c6b51638f45f04444063acae039bb2b0e1046e03ad1f73118a96b548d6fdc1c3b8961f6f811427b0b77a9a66a531a2eed0ca23f9b8d7c0e6b5
Static task
static1
Behavioral task
behavioral1
Sample
b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
hawkeye_reborn
- fields
- name
Targets
-
-
Target
b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811
-
Size
552KB
-
MD5
c514aa2734caaed67ec3164823482df8
-
SHA1
b98c1b7ade50b3337eee9ab0425e5d9b07f7f3cd
-
SHA256
b3e74c6905d76cc0049d6677166c49dff46ff27ddf309a5a78c191fef9e4a811
-
SHA512
cbe028f578e5a7c6b51638f45f04444063acae039bb2b0e1046e03ad1f73118a96b548d6fdc1c3b8961f6f811427b0b77a9a66a531a2eed0ca23f9b8d7c0e6b5
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-