Resubmissions

11/05/2023, 15:50

230511-s931racg8v 8

11/05/2023, 15:47

230511-s8dpgahd44 8

General

  • Target

    Hawkish-Eyes-main.zip

  • Size

    1.0MB

  • Sample

    230511-s8dpgahd44

  • MD5

    f648067a669c8a4f5a9a7db65c96b193

  • SHA1

    378309f184300798ada863451cf9f4bb2e5e94b3

  • SHA256

    d564119b2694017fdd615e860e14a100b1281bc45f5c017206015ca366043702

  • SHA512

    97a3862b77bea42ef8a480ed5b723083fd19abe66c583905a8390f172d92fa3d80e0f375a5bd61f6dea40377704f032bb88d7bd2f5f7837ac6430610441918de

  • SSDEEP

    24576:ASpKjWY6cOb0vnnPH1M5q8fvTbkrqAItD6b6D8J7kw5m:tKZlM5ZMr8D8YCm

Malware Config

Targets

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks