General
-
Target
77c0d92275f3c731ad9a65b18624cba6_JaffaCakes118
-
Size
1012KB
-
Sample
240527-dxjn1sfd95
-
MD5
77c0d92275f3c731ad9a65b18624cba6
-
SHA1
9739479e0254b3db03cddbf45ee300bca81c9d68
-
SHA256
bc8916502006c13655027769ce62225fbf4e9e4380ac4c2aaf7892d45e058d4a
-
SHA512
49b851bd909e28e7b34fc002d09e6f574cb401443b3a2342d5cb7cbbf1dfcccf22715f250a98df893b9d14a51e7d6f45255b6e107ae0c5358443c7bb52f8692c
-
SSDEEP
24576:NlozTZfU0l3vcCbatx3vi9uPnl2NSBSynBG1S:NlGzaT/iI4SBSynB
Static task
static1
Behavioral task
behavioral1
Sample
Documents98376532453.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
Documents98376532453.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
hawkeye_reborn
Targets
-
Target
Documents98376532453.exe
-
Size
951KB
-
MD5
0bf39869b08ade7c8ed45ff5a26f70c4
-
SHA1
09ba2e264420ccd1cb0aae13501a7329c3493f54
-
SHA256
a9b7dbcbe943925db368bcc5c700d3f77dde99190780b94dc9f1439fe17a4bba
-
SHA512
4e17bfb64903b993f5aaa83ae844611566394a71596133d187ed2d38802b0c2d18781bbd6610f6628265ccc89fb1f4f69bae2a321048c38b104c1bab30259658
-
SSDEEP
24576:/lozTZfU0l3vcCbatx3vi9uPnl2NSBSynBG1ST:/lGzaT/iI4SBSynBV
-
HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.
-
M00nd3v_Logger
M00nd3v Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Drops startup file
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-