MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b34917ecc3fb9323a7f9b1ffa68a57019b11e748d8e93b2283d7dc3fcb919eda. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


HawkEye


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b34917ecc3fb9323a7f9b1ffa68a57019b11e748d8e93b2283d7dc3fcb919eda
SHA3-384 hash: fc1eece192498058f738ae208cfaf129f2f8174a1101e6f0d2a477016401e4a05fcf66f882fe2a9112bf1798d677550f
SHA1 hash: 1f86e2d9f4a6d8eaf803bc91deb460f5b273b3dd
MD5 hash: 37cbba876c234bd89c571a11ecdea865
humanhash: michigan-jig-august-oven
File name:Bank Deposit.zip
Download: download sample
Signature HawkEye
Create hunting rule
File size:451'974 bytes
First seen:2020-05-19 14:26:11 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 12288:HeeF3rlkKsTfsBKCudvEOO7OGtlVY1340VONheYXSj6gT:NFJkKcfAKvEOUVc1o0gNYkSWgT
TLSH 12A4234879E6C37F76187227CBC5033C1557BDAC61CBA7AAF8D06D706067F89220C999
Reporter abuse_ch
Tags:HawkEye zip


Avatar
abuse_ch
Malspam distributing HawkEye:

HELO: mx2.bangla.net
Sending IP: 203.188.252.24
From: Bank Technologies Inc <br3781@bangla.net>
Reply-To: info.fun-kids@bk.ru
Subject: payment
Attachment: Bank Deposit.zip (contains "Bank Deposit.exe")

HawkEye SMTP exfil server:
server165.web-hosting.com:26

Intelligence

File Origin
# of uploads :
1
# of downloads :
88
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.MSIL.GenKryptik.EJRR.1007.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-05-19 21:49:11 UTC
File Type:
Binary (Archive)
Extracted files:
1
AV detection:
22 of 48 (45.83%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=wnerp3gd7ojshj7zwh72ncsxagnrdz2i3dutwiud27od7s4rt3na._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

HawkEye

zip b34917ecc3fb9323a7f9b1ffa68a57019b11e748d8e93b2283d7dc3fcb919eda

(this sample)

HawkEye

Executable exe 405b73ed2d211da9c63ded57666f5e74c429631bc94b396e42325d9980be375f

  
Dropping
MD5 68041ec86a8f7c2209042c048002d2ec
  
Dropping
HawkEye
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 405b73ed2d211da9c63ded57666f5e74c429631bc94b396e42325d9980be375f

Comments