hawkeye | 4c7cfb423683a75302e3b3fba7c4b21f499200c0d2b64a55a97e032e41203fd5 | Triage

Sharing

General

Target

4c7cfb423683a75302e3b3fba7c4b21f499200c0d2b64a55a97e032e41203fd5
Size

643KB
Sample

221002-qvznnsaedk
MD5

6e5e75da054cf47b5319c3ccea265110
SHA1

1465e29ec2947f1a4c15fe1ab0c3c69759e3028e
SHA256

4c7cfb423683a75302e3b3fba7c4b21f499200c0d2b64a55a97e032e41203fd5
SHA512

dd475b72c90e8a417b9994be9ae8afeb24f3ed7a5218b4488911e67ca9754bca5bd83d8103cd52b4f76d73f0ee4242fc2b4e6eb10346684a6a2b9dc05cf68793
SSDEEP

12288:nRxti1Hnd4oXca1DyUk6lHibpbmXJ7YsHWfpQRD:nPtipYz2HibAeDRQ

Score

10^/10

hawkeye evasion keylogger persistence spyware stealer trojan

Malware Config

Targets

- Target
  
  4c7cfb423683a75302e3b3fba7c4b21f499200c0d2b64a55a97e032e41203fd5
- Size
  
  643KB
- MD5
  
  6e5e75da054cf47b5319c3ccea265110
- SHA1
  
  1465e29ec2947f1a4c15fe1ab0c3c69759e3028e
- SHA256
  
  4c7cfb423683a75302e3b3fba7c4b21f499200c0d2b64a55a97e032e41203fd5
- SHA512
  
  dd475b72c90e8a417b9994be9ae8afeb24f3ed7a5218b4488911e67ca9754bca5bd83d8103cd52b4f76d73f0ee4242fc2b4e6eb10346684a6a2b9dc05cf68793
- SSDEEP
  
  12288:nRxti1Hnd4oXca1DyUk6lHibpbmXJ7YsHWfpQRD:nPtipYz2HibAeDRQ
Score

10^/10

hawkeye evasion keylogger persistence spyware stealer trojan
- HawkEye
  HawkEye is a malware kit that has seen continuous development since at least 2013.
  keylogger trojan stealer spyware hawkeye
- Modifies firewall policy service
  evasion
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

hawkeyeevasionkeyloggerpersistencespywarestealertrojan

behavioral2

hawkeyeevasionkeyloggerpersistencespywarestealertrojan