Extracted

• • Target

    344cd873d0a5831c2c999f3d578f392167b6cae6e5c589c19692fa9118074cf8

  • Size

    1.8MB

  • MD5

    3c71365a309815edb3e4f68e31d9ad65

  • SHA1

    0dcedc057971c7d298bf14e7eec3bfb52009ed7c

  • SHA256

    344cd873d0a5831c2c999f3d578f392167b6cae6e5c589c19692fa9118074cf8

  • SHA512

    02c17b67facc4ab314c0d43072bdc178f747ba7b4441f8bebe802162f545935504bd3ff8dec7bf57e7f76ffdb8178278c5a43ac6304501331c81a2ea695b4591

  Score

  10^/10

  hawkeye_rebornm00nd3v_loggerinfostealerkeyloggerspywarestealertrojancollection

  • HawkEye Reborn

    HawkEye Reborn is an enhanced version of the HawkEye malware kit.

    keyloggertrojanstealerspywarehawkeye_reborn

  • M00nd3v_Logger

    M00nd3v Logger is a .NET stealer/logger targeting passwords from browsers and email clients.

    stealerspywarem00nd3v_logger

  • M00nD3v Logger Payload

    Detects M00nD3v Logger payload in memory.

    infostealer

  • NirSoft MailPassView

    Password recovery tool for various email clients

  • NirSoft WebBrowserPassView

    Password recovery tool for various web browsers

  • Nirsoft

  • Drops startup file

  • Uses the VBS compiler for execution

  • Accesses Microsoft Outlook accounts

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2