General

  • Target

    148ddb4aab5694ee69c56b4b253d791a9eed00d91c347bbdab4eb6304dead30a

  • Size

    356KB

  • Sample

    220222-vllgxacecq

  • MD5

    d29aadb67d36e1fdd653e6a8b7b9e9c9

  • SHA1

    af5f89b2fadd7d8f2164d934e884e917f4eccace

  • SHA256

    148ddb4aab5694ee69c56b4b253d791a9eed00d91c347bbdab4eb6304dead30a

  • SHA512

    03df1289d027200ce5253acb2c20f0f73c723a861194f10aa563f2a1666e0a91ede6bed0d3409d6ee3b2dffdcabb418b11b0b19f4fa9cb9efb9db6248bd76dc7

Malware Config

Targets

    • HawkEye

      HawkEye is a malware kit that has seen continuous development since at least 2013.

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks