Extracted

• • Target

    proforma invoice

  • Size

    1.7MB

  • MD5

    61c5dde7b4dbb77058f8aad370e92648

  • SHA1

    753c4913e5bd73a37c04ec4b180f99aa5d15b2f0

  • SHA256

    4f387257ba2721c27465800f9db3e513ded059ce28b68d593de0f459dfcf95a7

  • SHA512

    7cc15313ed4c0373112cd08240303f4baae696eb86dd9fcf9d3de6b1773fa0e2a5089b86051fd0c15257b3588fe9135dea559dbc799880c8820bbf6e097d9ae1

  • SSDEEP

    24576:EAHnh+eWsN3skA4RV1Hom2KXMmHapr1X5pc0zEtdKnY2jDPFT7TVfd5HTfr6sbt5:Th+ZkldoPK8Yapyqu2jDPpNHH5T

  Score

  10^/10

  hawkeyecollectionkeyloggerspywarestealertrojan

  • HawkEye

    HawkEye is a malware kit that has seen continuous development since at least 2013.

    keyloggertrojanstealerspywarehawkeye

  • NirSoft MailPassView

    Password recovery tool for various email clients

  • NirSoft WebBrowserPassView

    Password recovery tool for various web browsers

  • Nirsoft

  • Uses the VBS compiler for execution

  • Accesses Microsoft Outlook accounts

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2