HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign | Mandiant
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Native Api - T1575 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Visual Basic - T1059.005 Tool - T1588.002 Execution Through Api - T1106
Show in Graph
Common Information
Type Value
UUID ce1a1089-b6d1-4330-98a1-8621580b3bce
Fingerprint ed242d91ad333385
Analysis status DONE
Considered CTI value 0
Text language
Published July 25, 2017, midnight
Added to db Nov. 9, 2023, 12:25 a.m.
Last updated Nov. 14, 2024, 8:09 a.m.
Headline HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign
Title HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign | Mandiant
Detected Hints/Tags/Attributes 57/2/9
Source URLs
Redirection Url
Details Source https://www.mandiant.com/resources/blog/hawkeye-credential-theft-malware-distributed-recent-phishing-campaign
URL Provider
Details Provider Source level domain
Details mandiant.com www.mandiant.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 330 Threat Intelligence https://www.mandiant.com/resources/blog/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 70 
vbc.exe
Details File 1 
cmemoryexecute.dll
Details File 10 
webbrowserpassview.exe
Details File 7 
mailpv.exe
Details File 1 
webbrowserpassview.dll
Details File 17 
%temp%\holderwb.txt
Details File 16 
%temp%\holdermail.txt
Details File 4 
holdermail.txt
Details File 1 
holderweb.txt