General
-
Target
f753e7565a749163fdb151eafd1716798c76dbaea2d437b6d2b406586db1189d
-
Size
941KB
-
Sample
221126-b63gdaga61
-
MD5
c2a1b81f585dbe752d307a62736a33e4
-
SHA1
ce65d21eb01e5e3556a6e64a9584259b1f2ead53
-
SHA256
f753e7565a749163fdb151eafd1716798c76dbaea2d437b6d2b406586db1189d
-
SHA512
3acc91c58a20d5b5241b4d2917f1018aa74fbf61770c9c3bc7a7ff0abcab0782b5f2285438404e22c13ec81c188483354507e9052d5b554aa37f8cdffe99a543
-
SSDEEP
24576:SMVwiu9NNzN5R77fYmO1g7tz9pWAeWzDK5v1VMzulDyugvF:S+wr9fLxfLFtCVWzo1Cahy
Malware Config
Targets
-
-
Target
f753e7565a749163fdb151eafd1716798c76dbaea2d437b6d2b406586db1189d
-
Size
941KB
-
MD5
c2a1b81f585dbe752d307a62736a33e4
-
SHA1
ce65d21eb01e5e3556a6e64a9584259b1f2ead53
-
SHA256
f753e7565a749163fdb151eafd1716798c76dbaea2d437b6d2b406586db1189d
-
SHA512
3acc91c58a20d5b5241b4d2917f1018aa74fbf61770c9c3bc7a7ff0abcab0782b5f2285438404e22c13ec81c188483354507e9052d5b554aa37f8cdffe99a543
-
SSDEEP
24576:SMVwiu9NNzN5R77fYmO1g7tz9pWAeWzDK5v1VMzulDyugvF:S+wr9fLxfLFtCVWzo1Cahy
Score10/10-
HawkEye
HawkEye is a malware kit that has seen continuous development since at least 2013.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-