hawkeye | 3a138a295230f132721473e396032bdd250158b6a1e45323cc520f5fe7985978 | Triage

Sharing

General

Target

t.bat
Size

864B
Sample

231113-z7k6gsfa5t
MD5

6c5db6669363fe77494ada18a6e5f2fa
SHA1

2d6bf0e0ec048cf0e52ffc745ef4eb7c3d6f1860
SHA256

3a138a295230f132721473e396032bdd250158b6a1e45323cc520f5fe7985978
SHA512

b78bbae047151081025c9051d79cd18cf4adc45c1566a828c4c2236b0d98c702714f7c81f7d5bcba8745015e58540eaa6b91610c9a5879c7a9e973f88eef0bed

Score

10^/10

hawkeye keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  t.bat
- Size
  
  864B
- MD5
  
  6c5db6669363fe77494ada18a6e5f2fa
- SHA1
  
  2d6bf0e0ec048cf0e52ffc745ef4eb7c3d6f1860
- SHA256
  
  3a138a295230f132721473e396032bdd250158b6a1e45323cc520f5fe7985978
- SHA512
  
  b78bbae047151081025c9051d79cd18cf4adc45c1566a828c4c2236b0d98c702714f7c81f7d5bcba8745015e58540eaa6b91610c9a5879c7a9e973f88eef0bed
Score

10^/10

hawkeye keylogger spyware stealer trojan
- HawkEye
  HawkEye is a malware kit that has seen continuous development since at least 2013.
  keylogger trojan stealer spyware hawkeye
- Blocklisted process makes network request
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

hawkeyekeyloggerspywarestealertrojan