Extracted

• • Target

    d8ababca584ba4feecd850a69aef231068e9e025d31afe75dbe681dbf5c2d5fd

  • Size

    17KB

  • MD5

    c6ef22d341307db526ba8f5fe2a00d12

  • SHA1

    915e592739f6561fa871d0754f12a3a3d50153ee

  • SHA256

    d8ababca584ba4feecd850a69aef231068e9e025d31afe75dbe681dbf5c2d5fd

  • SHA512

    5b34ff33b0c42e0b6fd3eeeeca7accf44b2b4bd71b834a047fcccb321413b046b93db335da6c4b626fae352ff40e6219aa1adcce871f80dd0a06d59ff1340bd0

  Score

  10^/10

  hawkeyenwormdownloaderkeyloggerspywarestealertrojanworm

  • HawkEye

    HawkEye is a malware kit that has seen continuous development since at least 2013.

    keyloggertrojanstealerspywarehawkeye

  • NWorm

    A TrickBot module used to propagate to vulnerable domain controllers.

    wormdownloadernworm

  • Executes dropped EXE

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2