General

  • Target

    ExeFile (183).exe

  • Size

    37KB

  • Sample

    240820-rgratawclb

  • MD5

    82d215a75fb488924bd0b6c9b8eb7c8b

  • SHA1

    479d006342c914ffd4bc403572fc0fe81218e4a4

  • SHA256

    b09eb23e23e8af6efcef8dcc7124f17a762c740b62410cef160f105d889eaf5f

  • SHA512

    ca2704696a293b6c0214ccfc6c1180335e41b8e5fb6f21062d23987ec931bea2205c420dd16609af08c6f884d9a1fbbb323522426e16eb726541ffe3e42a98ff

  • SSDEEP

    768:UhGivbbvmmRmjU0WwDThQ0YxyJbtsJp5JrFFnCiFJzu06rwZ:gXmmRmjU0BDlQlA6p5hFFnCiFp6r8

Targets

    • Target

      ExeFile (183).exe

    • HawkEye

      HawkEye is a malware kit that has seen continuous development since at least 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Adds Run key to start application
