2017-06-12 - HAWKEYE INFECTION

NOTICE:

ASSOCIATED FILES:

  • 2017-06-12-Hawkeye-infection-traffic.pcap   (712,789 bytes)
  • 2017-06-12-Hawkeye-malspam.eml   (253,322 bytes)
  • Payment2017.doc   (180,224 bytes)
  • 2017-06-12-Hawkeye-malware.exe   (661,480 bytes)

 

EMAILS


Shown above:  Screen shot from the email.

 

EMAIL HEADERS:

 


Shown above:  Malicious Word document from the malspam.

 

TRAFFIC


Shown above:  Traffic from the infection filtered in Wireshark.

 

ASSOCIATED DOMAINS:

 

FILE HASHES

WORD DOCUMENT FROM THE EMAIL:

FOLLOW-UP MALWARE (HAWKEYE):

 

Click here to return to the main page.