General

  • Target

    9d0f8c1810c8a43925a45a1472d6c36d276d1b09b4fb8539d1452ba614800b88

  • Size

    556KB

  • Sample

    220312-e92k2afeh8

  • MD5

    12f431cf3ead4b5fa698d9429f454f62

  • SHA1

    5d7802a34aab9d38c8651e086a6fc26122a68b02

  • SHA256

    9d0f8c1810c8a43925a45a1472d6c36d276d1b09b4fb8539d1452ba614800b88

  • SHA512

    794543a45e2b2ccf1efff1349919618fc104b6dd945e588241d508ff07398b95c392e0b5311f210d4c06b5c06a7ca5ad54a9c22eaba07dd432fa928c0c8604a4

Malware Config

Extracted

Family

hawkeye_reborn

Targets

    Score
    9/10
    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Uses the VBS compiler for execution

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext
