Overview

overview

10

Static

static

3

656dca17a0...18.exe

windows7-x64

10

656dca17a0...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    656dca17a0dd4cbac571d0f17eab50e6_JaffaCakes118

  • Size

    6.3MB

  • Sample

    240723-att4ssxfpj

  • MD5

    656dca17a0dd4cbac571d0f17eab50e6

  • SHA1

    f78ef8e57c18b3723eb01ccc3fffee26b12f79ec

  • SHA256

    34d3f55ffdc1abad9f4a882abb9905d512a7132707bc4ceeb9741e393bd7a302

  • SHA512

    cdc72a30eca297a0b5d581bd7252764b6ccb9c31de2cde157433dd77ba3e698ea0f55a99b906eaa56f15d0fff0127f6662f5b956d6e0e13083f13ac7f1d18bfb

  • SSDEEP

    98304:A3hhztB6UWnIqRlBZi1UcD96OcsGWRbT4hd+7ogxhTnjDs0vE8Cr:ARPB5WIqRZi1HDWshbUhO3TnjDpvEH

Score
10/10
hawkeyekeyloggerpersistencespywarestealertrojan

Malware Config

Targets

    • Target

      656dca17a0dd4cbac571d0f17eab50e6_JaffaCakes118

    • Size

      6.3MB

    • MD5

      656dca17a0dd4cbac571d0f17eab50e6

    • SHA1

      f78ef8e57c18b3723eb01ccc3fffee26b12f79ec

    • SHA256

      34d3f55ffdc1abad9f4a882abb9905d512a7132707bc4ceeb9741e393bd7a302

    • SHA512

      cdc72a30eca297a0b5d581bd7252764b6ccb9c31de2cde157433dd77ba3e698ea0f55a99b906eaa56f15d0fff0127f6662f5b956d6e0e13083f13ac7f1d18bfb

    • SSDEEP

      98304:A3hhztB6UWnIqRlBZi1UcD96OcsGWRbT4hd+7ogxhTnjDs0vE8Cr:ARPB5WIqRZi1HDWshbUhO3TnjDpvEH

    Score
    10/10
    hawkeyekeyloggerpersistencespywarestealertrojan

    • HawkEye

      HawkEye is a malware kit that has seen continuous development since at least 2013.

      keyloggertrojanstealerspywarehawkeye

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks