General

  • Target

    be45c7c50188ef8b32ad85371e15796fbcf391c1140c57b0ddc87346c376b47a

  • Size

    556KB

  • Sample

    220314-s75rkabcer

  • MD5

    a00f95e5954c3f6bf27f166cf268c077

  • SHA1

    93b270716fc487a77a0ce25636d36dc68cc95981

  • SHA256

    be45c7c50188ef8b32ad85371e15796fbcf391c1140c57b0ddc87346c376b47a

  • SHA512

    21944e219f6ab75d66f0aa200f2dbb4dbd982cd10dd490f18d7b947578a1b507ec0260833464dba51c2e6f46c1022fa8f1d4527920739f630a23cc9e211d8e99

Malware Config

Extracted

Family

hawkeye_reborn

Targets

    • Target

      be45c7c50188ef8b32ad85371e15796fbcf391c1140c57b0ddc87346c376b47a

    Score
    9/10
    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Uses the VBS compiler for execution

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext
