General
-
Target
b6132cf8384c7e5f153ebb7da387d401950393bb45e27648903f923cbc2cdd24
-
Size
1.2MB
-
Sample
221125-kjwvrahe6s
-
MD5
8b2996fb30bba79cf90a80fe4455a303
-
SHA1
f6e0c2224389016f97aee2059f9947c6dc62e352
-
SHA256
b6132cf8384c7e5f153ebb7da387d401950393bb45e27648903f923cbc2cdd24
-
SHA512
9b2e71684fbe7c9982eed2b9bb00af288b7788865864959761f12da40cdba53c8b62049235b4fef9e7f263b19965e837465cb181b1291f66fb40a2ea14362f15
-
SSDEEP
24576:JmWsLGJOr1IrzB7b8m2t4xSTdzgz5nn2T3:VsLGsrOXBv8m2tBTdzyIT
Malware Config
Targets
-
-
Target
b6132cf8384c7e5f153ebb7da387d401950393bb45e27648903f923cbc2cdd24
-
Size
1.2MB
-
MD5
8b2996fb30bba79cf90a80fe4455a303
-
SHA1
f6e0c2224389016f97aee2059f9947c6dc62e352
-
SHA256
b6132cf8384c7e5f153ebb7da387d401950393bb45e27648903f923cbc2cdd24
-
SHA512
9b2e71684fbe7c9982eed2b9bb00af288b7788865864959761f12da40cdba53c8b62049235b4fef9e7f263b19965e837465cb181b1291f66fb40a2ea14362f15
-
SSDEEP
24576:JmWsLGJOr1IrzB7b8m2t4xSTdzgz5nn2T3:VsLGsrOXBv8m2tBTdzyIT
Score10/10-
HawkEye
HawkEye is a malware kit that has seen continuous development since at least 2013.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-