General
-
Target
8512059f4dbd6dae13068ab29d5624fd_JaffaCakes118
-
Size
840KB
-
Sample
240530-12mmsscd37
-
MD5
8512059f4dbd6dae13068ab29d5624fd
-
SHA1
34b93471fd0337bcb6009f8f6579c632bb108bc5
-
SHA256
8b53a2b8c804e804fa38afd4a125d56531aaef531b3f6ed49dfede9707114212
-
SHA512
e8a31a508fb438d9a780aa4fabdef91351a3d0ec1ef435d1ca28cceda9fca4a2e21fb70d0a025d5fa6d2d003c5f8d11e63d19810aa9f7439be5ab015afd3201e
-
SSDEEP
24576:Wm0FAM1fguBqMpHK+J7FfIcCvuKz+ydlF:e1IepvTIcCvu8B
Malware Config
Extracted
hawkeye_reborn
- fields
- name
Targets
-
-
Target
8512059f4dbd6dae13068ab29d5624fd_JaffaCakes118
-
Size
840KB
-
MD5
8512059f4dbd6dae13068ab29d5624fd
-
SHA1
34b93471fd0337bcb6009f8f6579c632bb108bc5
-
SHA256
8b53a2b8c804e804fa38afd4a125d56531aaef531b3f6ed49dfede9707114212
-
SHA512
e8a31a508fb438d9a780aa4fabdef91351a3d0ec1ef435d1ca28cceda9fca4a2e21fb70d0a025d5fa6d2d003c5f8d11e63d19810aa9f7439be5ab015afd3201e
-
SSDEEP
24576:Wm0FAM1fguBqMpHK+J7FfIcCvuKz+ydlF:e1IepvTIcCvu8B
Score10/10-
HawkEye Reborn
HawkEye Reborn is an enhanced version of the HawkEye malware kit.
-
M00nd3v_Logger
M00nd3v Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
M00nD3v Logger payload
Detects M00nD3v Logger payload in memory.
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Drops startup file
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-