General

  • Target: 230906-yl61dsbe47_pw_infected.zip
  • Size: 1.3MB
  • Sample: 230907-lplgmsgc7z
  • MD5: 736b6fbf5c456dd662614aa9f8db27b4
  • SHA1: f777f6c751e26e78cd51aa1fda634342fc984a22
  • SHA256: 406d8c9eef6911cd4703226536c205bb3f4a66f2c36ba73b439975a24aceac05
  • SHA512: 57eeb11cd8096d747bfe1f976aff7f58c0358687e99607fd77875142ba676d901c54f11e17312274671565da9a7913344eda706d049c31d24eef2ceb9bdbc17e
  • SSDEEP: 24576:pXwbDjBHTGCPTbz+pXk87sJcjLRQUd6VzqfmF7P/zvFOeAgQe+84u0svoVq12c6:pGdTtKpXJnCvqfYNOClJbgVLc6

Malware Config

Targets

    • Target: Fuckflix v2.exe
    • Size: 1.4MB
    • MD5: 87061d416a3baa597cb2dfb1cf6680ff
    • SHA1: 70b830d27760bc661346c2a635229289df38db4b
    • SHA256: 97629396012d2669704ab8e7ae58f34b1d379eaae1837b3befdc876f8ec247c3
    • SHA512: dd632e0f1cc6d30a1e3281ee1354ad78d2e315b74f1b5e89c56e628c11267d5ef35ec1d42f151a4991db58c6fb804a18b219aad8aa35e0a7fcfe1c9855071aa7
    • SSDEEP: 24576:TEh21pnmhW0Ibe6P5Mi88lON5+m18Xd3p5s4+mkg4ENYWQJrZG4Y5Xxti4+TA+hp:o81pnz0+P5RONx1855fa7rZaXKT1vl20

    • HawkEye

      HawkEye is a malware kit that has seen continuous development since at least 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks