hawkeye | 25a7825a3bb8e1777dcaec1627d0030492091f053d77d660aa026a7e80b0ce0f | Triage

Sharing

General

Target

9f255a5fd8e9cbb1e8c2b1c88d436665_JaffaCakes118
Size

386KB
Sample

240816-t5j8hsveqc
MD5

9f255a5fd8e9cbb1e8c2b1c88d436665
SHA1

b1583d74bd8eba91a43de585e4c13fa142441efc
SHA256

25a7825a3bb8e1777dcaec1627d0030492091f053d77d660aa026a7e80b0ce0f
SHA512

fa77764dcffabf9ebd295ddb741de5de8c1d899f20943579eff8c0aab8d3f204a5835e993271b847335ee6188db5bc6e3504c1e9b3b5f5f0c8d6c7aead25e27a
SSDEEP

6144:uptmZ62NlgsWxhFkZpXIGWvDwYNSZZa2TjaFJ7eIbH661cdfFI6u:StmLb2hFko5NS3LTk7pvchu

Score

10^/10

hawkeye keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  9f255a5fd8e9cbb1e8c2b1c88d436665_JaffaCakes118
- Size
  
  386KB
- MD5
  
  9f255a5fd8e9cbb1e8c2b1c88d436665
- SHA1
  
  b1583d74bd8eba91a43de585e4c13fa142441efc
- SHA256
  
  25a7825a3bb8e1777dcaec1627d0030492091f053d77d660aa026a7e80b0ce0f
- SHA512
  
  fa77764dcffabf9ebd295ddb741de5de8c1d899f20943579eff8c0aab8d3f204a5835e993271b847335ee6188db5bc6e3504c1e9b3b5f5f0c8d6c7aead25e27a
- SSDEEP
  
  6144:uptmZ62NlgsWxhFkZpXIGWvDwYNSZZa2TjaFJ7eIbH661cdfFI6u:StmLb2hFko5NS3LTk7pvchu
Score

10^/10

hawkeye keylogger spyware stealer trojan
- HawkEye
  HawkEye is a malware kit that has seen continuous development since at least 2013.
  keylogger trojan stealer spyware hawkeye
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

hawkeyekeyloggerspywarestealertrojan

behavioral2

hawkeyekeyloggerspywarestealertrojan