2020-02-11 Hawkeye

1. Artifacts
2. ==========
3.  
4. Munin results
5. --------------
6. 1 / 3 > Malicious
7. HASH: 862a216442776d75a3f1512dbfdb08a2989680a21d0a8944ebb5873cb998ea33 COMMENT: /copperon_request_for_quotation_RFQ#20200210_pdf.exe
8. VIRUS: Microsoft: Trojan:Win32/Wacatac.C!ml / Kaspersky: UDS:DangerousObject.Multi.Generic / McAfee: Artemis!E0289A284699 / ESET-NOD32: a variant of Win32/Injector.Autoit.FBR / Symantec: Packed.Generic.548 / GData: Trojan.AutoIT.Agent.AAJ
9. TYPE: Win32 EXE SIZE: 1.54 MB FILENAMES: regini.exe, regini.exe, copperon_request_for_quotation_RFQ#20200210_pdf.exe
10. FIRST: 2020-02-11 14:07:19 LAST: 2020-02-11 14:07:19 SUBMISSIONS: 1 REPUTATION: 0
11. COMMENTS: 3 USERS: thor, thor, thor TAGS: PEEXE DIRECT-CPU-CLOCK-ACCESS DETECT-DEBUG-ENVIRONMENT RUNTIME-MODULES
12. RESULT: 35 / 73
13. [!] Sample on ANY.RUN URL: https://any.run/report/862a216442776d75a3f1512dbfdb08a2989680a21d0a8944ebb5873cb998ea33
14.  
15. 2 / 3 > Unknown
16. HASH: 2325d95b4f9bf182a53345753d63e92d73e0e2b070a294322bef357ceb0ab981 COMMENT: winlogon.vbs
17. RESULT: - / -
18.  
19. 3 / 3 > Unknown
20. HASH: 0e0c232b87f04c08dcf581896fb655441db14fab4d4c8abd6c7bc4b7ec7838bd COMMENT: regini.exe
21. RESULT: - / -