Overview

overview

10

Static

static

10

e4cd56a7bc...bf.exe

windows7_x64

9

e4cd56a7bc...bf.exe

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e4cd56a7bccf20f9b7b2334bed6355ca6245a2e39059934eb585cbf4ac96b7bf

  • Size

    552KB

  • Sample

    220313-yt3b6scbbr

  • MD5

    fb814c69c293149fdb3c42f670304ea6

  • SHA1

    e31a85725496767628c2df42e997206ef96aaf77

  • SHA256

    e4cd56a7bccf20f9b7b2334bed6355ca6245a2e39059934eb585cbf4ac96b7bf

  • SHA512

    f5ca79144eb060b8647ab95d184c608d43e52df052a786c3b18775bd7444ffd97a30c7f45cb77ac6e1929f79ab524868fdd27f5a12619651871019c07e50c081

Score
10/10
hawkeye_rebornm00nd3v_loggercollectioninfostealer

Malware Config

Extracted

Family

hawkeye_reborn

Attributes
  • fields

  • name

Targets

    • Target

      e4cd56a7bccf20f9b7b2334bed6355ca6245a2e39059934eb585cbf4ac96b7bf

    • Size

      552KB

    • MD5

      fb814c69c293149fdb3c42f670304ea6

    • SHA1

      e31a85725496767628c2df42e997206ef96aaf77

    • SHA256

      e4cd56a7bccf20f9b7b2334bed6355ca6245a2e39059934eb585cbf4ac96b7bf

    • SHA512

      f5ca79144eb060b8647ab95d184c608d43e52df052a786c3b18775bd7444ffd97a30c7f45cb77ac6e1929f79ab524868fdd27f5a12619651871019c07e50c081

    Score
    9/10
    collection

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Uses the VBS compiler for execution

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks