hawkeye | 1ec6ff53075f7232b5d9807e63b82e97a6c7a41bf77cd3b4e3813eefc4f97c50 | Triage

Sharing

General

Target

tetrishack.bat
Size

1KB
Sample

250223-vkhdvsvlt9
MD5

729e4888ead4281eaa0644ee732b21e2
SHA1

f3425091a72fb93c0de2c8c0729530263c3a3f05
SHA256

1ec6ff53075f7232b5d9807e63b82e97a6c7a41bf77cd3b4e3813eefc4f97c50
SHA512

59f308be4061bce350e99f9f8bc7d7e9de0ff2a7a660845eaa71abf81a9928e98d78961290dc0fdac93acc913f4cd034488dbb4d5bea2b74cda6502f352d08bf

Score

10^/10

hawkeye keylogger spyware stealer trojan

Malware Config

Targets

- Target
  
  tetrishack.bat
- Size
  
  1KB
- MD5
  
  729e4888ead4281eaa0644ee732b21e2
- SHA1
  
  f3425091a72fb93c0de2c8c0729530263c3a3f05
- SHA256
  
  1ec6ff53075f7232b5d9807e63b82e97a6c7a41bf77cd3b4e3813eefc4f97c50
- SHA512
  
  59f308be4061bce350e99f9f8bc7d7e9de0ff2a7a660845eaa71abf81a9928e98d78961290dc0fdac93acc913f4cd034488dbb4d5bea2b74cda6502f352d08bf
Score

10^/10

hawkeye keylogger spyware stealer trojan
- HawkEye
  HawkEye is a malware kit that has seen continuous development since at least 2013.
  keylogger trojan stealer spyware hawkeye
- Hawkeye family
  hawkeye
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

hawkeyekeyloggerspywarestealertrojan