hawkeye_reborn | 800aae51fd2890c8900faada4a614a10aaa668b38b1c5f23435c98f5fa2ecbcd | Triage

Submit
Reports

Overview

overview

Static

static

09cfec7e1e...cs.exe

windows7-x64

1

09cfec7e1e...cs.exe

windows10-2004-x64

5

Sharing

General

Target

09cfec7e1e89737ff06bcd2ca804c020_NeikiAnalytics
Size

552KB
Sample

240515-vtm1psbc7w
MD5

09cfec7e1e89737ff06bcd2ca804c020
SHA1

05369eb0f8c453715f1d47bd2aa1cbf5946813fc
SHA256

800aae51fd2890c8900faada4a614a10aaa668b38b1c5f23435c98f5fa2ecbcd
SHA512

9cf25e18ec9d9c881c863fb4bb443a5a1c6f6333d9adf17b07a1cc8cc43fa43bb8931ad05508079ed486e383a3bb72c8d7bdc45279f698939b6b85c28fed4f21
SSDEEP

12288:/q8i3BV4HwTO3XiwxjmAxM35B9qgOUN8F6qlfNUqIFzGRIF6nj1K20XdDixi8B77:/q8iP4QTKiwxyAib0cE

Score

10^/10

hawkeye_reborn m00nd3v_logger microsoft infostealer phishing

Static task

static1

infostealer m00nd3v_logger hawkeye_reborn

4 signatures

Behavioral task

behavioral1

Sample

09cfec7e1e89737ff06bcd2ca804c020_NeikiAnalytics.exe

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

09cfec7e1e89737ff06bcd2ca804c020_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

microsoft phishing

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

hawkeye_reborn

Attributes

fields
name

Targets

- Target
  
  09cfec7e1e89737ff06bcd2ca804c020_NeikiAnalytics
- Size
  
  552KB
- MD5
  
  09cfec7e1e89737ff06bcd2ca804c020
- SHA1
  
  05369eb0f8c453715f1d47bd2aa1cbf5946813fc
- SHA256
  
  800aae51fd2890c8900faada4a614a10aaa668b38b1c5f23435c98f5fa2ecbcd
- SHA512
  
  9cf25e18ec9d9c881c863fb4bb443a5a1c6f6333d9adf17b07a1cc8cc43fa43bb8931ad05508079ed486e383a3bb72c8d7bdc45279f698939b6b85c28fed4f21
- SSDEEP
  
  12288:/q8i3BV4HwTO3XiwxjmAxM35B9qgOUN8F6qlfNUqIFzGRIF6nj1K20XdDixi8B77:/q8iP4QTKiwxyAib0cE
Score

5^/10

microsoft phishing
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

infostealerm00nd3v_loggerhawkeye_reborn

behavioral1

behavioral2

microsoftphishing

© 2018-2024

Terms | Privacy