MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8d53fe5eddd1cba93e2335c7cc4ea7f71d8b628c6a7c3d4249e0680d3e5bd9e5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


HawkEye


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8d53fe5eddd1cba93e2335c7cc4ea7f71d8b628c6a7c3d4249e0680d3e5bd9e5
SHA3-384 hash: 8a3590e2857af1b9419a45f3c7062c3561f32589d92259c6c4b2f7f868424d8c3d0adcd2330f72e70acdf9f488590fa5
SHA1 hash: 592074bbd50e1c25f93398ee82dd30616a57f5a6
MD5 hash: 7bf2ab9e8ff8d58dc7cea47e5a117c28
humanhash: bacon-eleven-bakerloo-muppet
File name:ORDER 3004202000011.rar
Download: download sample
Signature HawkEye
Create hunting rule
File size:204'756 bytes
First seen:2020-04-30 10:54:43 UTC
Last seen:2020-04-30 21:32:47 UTC
File type: rar
MIME type:application/x-rar
ssdeep 6144:cJEwanAqndJUJTTQRsTdghR4DmPBUQD+5sfpe:cFanXJsTTnK4DMuQDBfpe
TLSH 331423080755A52A187830A7FA3CE8C2DE3A7EF76665672C3AD879C33618DD13480DF6
Reporter abuse_ch
Tags:HawkEye rar


Avatar
abuse_ch
Malspam distributing HawkEye:

HELO: combytellc.com
Sending IP: 37.49.230.215
From: ASIF JANJUA <sandeepgill@combytellc.com>
Reply-To: ASIF JANJUA <sandeepgill@combytellc.com>
Subject: NEW ORDER #3004202000011
Attachment: ORDER 3004202000011.rar (contains "ORDER #3004202000011.exe")

Intelligence

File Origin
# of uploads :
3
# of downloads :
92
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-04-30 10:39:41 UTC
AV detection:
23 of 30 (76.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=rvj74xw52hf2sprdgxd4ytvh64oywyumnj6d2qsj4bua2ps33hsq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

HawkEye

rar 8d53fe5eddd1cba93e2335c7cc4ea7f71d8b628c6a7c3d4249e0680d3e5bd9e5

(this sample)

HawkEye

Executable exe 35cca711eeab74520897fa7d78a5228861e9eb0bd2f66e1aa3810784acf4f11c

  
Dropping
MD5 be0f8d09be25543b80b9d8f02331faea
  
Dropping
HawkEye
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 35cca711eeab74520897fa7d78a5228861e9eb0bd2f66e1aa3810784acf4f11c

Comments