MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0846f6019d7fe774dc75d2f35a88769fdd49f99fad217283287f24c1bb54c45e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information 2 Yara 2 Comments

SHA256 hash: 0846f6019d7fe774dc75d2f35a88769fdd49f99fad217283287f24c1bb54c45e
SHA1 hash: 61b3dc786bc37752a09279b6e1806099c0924179
MD5 hash: de9bb21c18602d65e28f3c716301fd33
File name:lIXDHbCcrwGvgZd.exe
Download: download sample
Signature HawkEye
File size:737'280 bytes
First seen:2020-05-23 12:19:05 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 12288:Ymkbep+fUxAe8m2FrFU7NWuyHh20SgiKFWy4qIw++7Igzqm6cd/7mnpyJ3qo5TnL:Ym8CUHFJ+NFmdfW34fduOd/74oFqohfD
TLSH 6BF4014572A8581BC6ED40F8619EF28443F245BF1692FBE5DC8231FB36C3BDA4612993
Reporter @Jouliok
Tags:exe HawkEye


Mail intelligence No data
# of uploads 1
# of downloads 21
Origin country GB GB
VirusTotal:Virustotal results 40.28%

Yara Signatures

Rule name:CAP_HookExKeylogger
Author:Brian C. Bell -- @biebsmalwareguy
Rule name:MAL_HawkEye_Keylogger_Gen_Dec18
Author:Florian Roth
Description:Detects HawkEye Keylogger Reborn

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe 0846f6019d7fe774dc75d2f35a88769fdd49f99fad217283287f24c1bb54c45e

(this sample)

Delivery method
Distributed via web download