hawkeye_reborn | c0f07f5768640e2558bc0d277ae6dac37a0ba98921bd480fcc961c6caa1adbc0 | Triage

Sharing

General

Target

c0f07f5768640e2558bc0d277ae6dac37a0ba98921bd480fcc961c6caa1adbc0
Size

552KB
Sample

220314-sdb76aagdn
MD5

2a3415ff37c6f1b5513c9b0c2195b9c4
SHA1

37ac33429ba6e0391e8dab7dd1ca350801110b74
SHA256

c0f07f5768640e2558bc0d277ae6dac37a0ba98921bd480fcc961c6caa1adbc0
SHA512

278900181fa9a80a4d30fb34d7b0e4829c57694bee3d693e3714a4eaf1ca62d5c6310f230064b7d443b356c5a30089ff566afa11d3f2256a16ca736c6a6d928a

Score

10^/10

hawkeye_reborn m00nd3v_logger infostealer spyware stealer

Malware Config

Extracted

Family

hawkeye_reborn

Attributes

fields
name

Targets

- Target
  
  c0f07f5768640e2558bc0d277ae6dac37a0ba98921bd480fcc961c6caa1adbc0
- Size
  
  552KB
- MD5
  
  2a3415ff37c6f1b5513c9b0c2195b9c4
- SHA1
  
  37ac33429ba6e0391e8dab7dd1ca350801110b74
- SHA256
  
  c0f07f5768640e2558bc0d277ae6dac37a0ba98921bd480fcc961c6caa1adbc0
- SHA512
  
  278900181fa9a80a4d30fb34d7b0e4829c57694bee3d693e3714a4eaf1ca62d5c6310f230064b7d443b356c5a30089ff566afa11d3f2256a16ca736c6a6d928a
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

infostealerm00nd3v_loggerhawkeye_reborn

behavioral1

behavioral2