General
-
Target
b2ebb30869af0cd1c413c3b3b841c05c4d931e8c02dfb24698b898387a00290c
-
Size
556KB
-
Sample
220311-1ymhmabga9
-
MD5
24e5ef165d59a41964b682a6efdd656b
-
SHA1
60f90df85fc40ea502be83d2eb13949f567eadca
-
SHA256
b2ebb30869af0cd1c413c3b3b841c05c4d931e8c02dfb24698b898387a00290c
-
SHA512
f40d6d35232c8df23ac8d49fa98aceebde2fdae33743b5e564ddcf0f7a218c1fefc85341f38871e43d4b78677542c6bd295b2e367f2f74c17ce421cc6fb1f56f
Static task
static1
Behavioral task
behavioral1
Sample
b2ebb30869af0cd1c413c3b3b841c05c4d931e8c02dfb24698b898387a00290c.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
b2ebb30869af0cd1c413c3b3b841c05c4d931e8c02dfb24698b898387a00290c.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
hawkeye_reborn
- fields
- name
Targets
-
-
Target
b2ebb30869af0cd1c413c3b3b841c05c4d931e8c02dfb24698b898387a00290c
-
Size
556KB
-
MD5
24e5ef165d59a41964b682a6efdd656b
-
SHA1
60f90df85fc40ea502be83d2eb13949f567eadca
-
SHA256
b2ebb30869af0cd1c413c3b3b841c05c4d931e8c02dfb24698b898387a00290c
-
SHA512
f40d6d35232c8df23ac8d49fa98aceebde2fdae33743b5e564ddcf0f7a218c1fefc85341f38871e43d4b78677542c6bd295b2e367f2f74c17ce421cc6fb1f56f
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-