Details
Malware Family HawkEye
Date Added June 30, 2016, 12:48 p.m.
MD5 a352bfcd80db33efc2bbd19fd8280cf9
Sha256 c25879653013f234dc908c7f56e827db3f1d4aba28d3522bc79b9b5d14d49a4b
Robot Robots lovingly delivered by robohash.org
Config Sections
Config String 32 stealers
Config String 33 Disablemelt
Config String 30 TaskManager
Crypted String 9
Crypted String 6 smtp-mail.outlook.com
Crypted String 4 petermark231@outlook.com
Crypted String 5 11Blessme
Crypted String 0
Config String 18 clearie
Config String 19 clearff
Config String 38 steam
Config String 39 \Windows Update.exe
Config String 36 msconfig
Config String 37 spreaders
Config String 34 reg
Config String 35 cmd
Config String 14 yesemail
Config String 15 noftp
Config String 16 nophp
Config String 17 0
Crypted String 10 ftp.yourhost.com
Crypted String 11 YourUsername
Crypted String 12 YourPassword
Crypted String 13 http://www.site.com/logs.php
Config String 7 587
Config String 2 WinForms_RecursiveFormCreate
Config String 3 WinForms_SeeInnerException
Config String 1 Property can only be set to Nothing
Config String 31 logger
Config String 8 3600000
Config String 21 downloadfiles
Config String 20 bindfiles
Config String 23 websiteblocker
Config String 22 websitevisitor
Config String 25 DisableSSL
Config String 24 Disablenotify
Config String 27 startup
Config String 26 Disablefakerror
Config String 29 clip
Config String 28 screeny
Advertising
VirusTotal

42 out of 57 AV's Identified the sample as Malicious

Virus Total Report

Domain Data
Domain IP Country Code
http://www.site.com/logs.php 0
Geo Location
Yara Rules
Comments
comments powered by Disqus