MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3db104a336d2a97f3af74083deabf7c2b3a8933e4acc0ef470f8f1a9bc894554. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



HawkEye


Vendor detections: 3



SHA256 hash: 3db104a336d2a97f3af74083deabf7c2b3a8933e4acc0ef470f8f1a9bc894554
SHA3-384 hash: 153c3ab40a8c96c3bca10c9555bb3fc3d747b7efa8178fec47727ad9abd2b5c1f324817faf9719705c9da5e567daccbd
SHA1 hash: b5c9133d811c95e9a6f91c3b421f45e4ac68a0c8
MD5 hash: 19280c528864c99a5990084a5fea273c
humanhash: bluebird-foxtrot-skylark-white
File name: PAYCHECK LIST.rar
Signature: HawkEye
File size: 812'298 bytes
First seen: 2020-06-08 19:01:25 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep: 24576:3nOvri1N9BbYTamDARvmjT8rX6KyTLmMLjikr:eDi73bYiRehm2Wkr
TLSH: 5D052307E4FAD18D60E8A9BC1086293493336E61E8BFD897DECE1E75D58DD9FBA04404
Reporter: abuse_ch
Tags: HawkEye, rar


abuse_ch
Malspam distributing HawkEye:

HELO: mail.xweb.cz
Sending IP: 193.19.179.33
From: jan.simek@auto-simek.cz
Subject: PAYCHECK LIST
Attachment: PAYCHECK LIST.rar (contains "PAYCHECK LIST.exe")

HawkEye SMTP exfil server:
smtp.yandex.ru:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 78
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Pwsx
Status: Malicious
First seen: 2020-06-08 19:03:04 UTC
AV detection: 3 of 48 (6.25%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

HawkEye

rar 3db104a336d2a97f3af74083deabf7c2b3a8933e4acc0ef470f8f1a9bc894554

(this sample)

  
Dropping: HawkEye
Delivery method: Distributed via e-mail attachment
