MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ee6579fabec9da8f478fc1b310f111ecd2128cc62a65c7f05b1c701378a470cb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

HawkEye

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	ee6579fabec9da8f478fc1b310f111ecd2128cc62a65c7f05b1c701378a470cb
SHA3-384 hash:	a4fc960cf78f4c8cab891fcbb02d66ad9b92fdc3bba5dc8784735d52accfee308183be7db4fa6f109b4d62ebf4801599
SHA1 hash:	d61c16cfed02506e7f51ed25ceba493e6cb2bf8c
MD5 hash:	b018b82d36f3a68ebc829013f570e394
humanhash:	colorado-oranges-west-fifteen
File name:	Bankbezahlung.zip
Download:	download sample
Signature	HawkEye Create hunting rule
File size:	440'652 bytes
First seen:	2020-07-08 14:20:51 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	12288:VXlEg+lF9ocd6hbjFZnCV4pwTopBrjkEHtX:pcd6hb5pCFspVjZHB
TLSH	AB9423CB528AD3586A54536EA2A7847720E4A7123D73486020DADFB52FCFCB73D0357A
Reporter	abuse_ch
Tags:	HawkEye zip

abuse_ch

Malspam distributing HawkEye:

HELO: relay3.grserver.gr
Sending IP: 88.198.112.68
From: BMW AG Group <Zahlung@supercoolservice.gr>
Subject: Re: Zahlung
Attachment: Bankbezahlung.zip (contains "Bankbezahlung.exe")