HawkEye Malware: Technical Analysis - ANY.RUN's Cybersecurity Blog
Common Information
| Type | Value |
|---|---|
| UUID | 65025c39-7a27-45ae-9b96-294e9b2ea4ec |
| Fingerprint | 352c0805a1b50395 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 13, 2024, 10:54 a.m. |
| Added to db | Nov. 13, 2024, 12:24 p.m. |
| Last updated | June 22, 2025, 8:32 a.m. |
| Headline | HawkEye Malware: Technical Analysis |
| Title | HawkEye Malware: Technical Analysis - ANY.RUN's Cybersecurity Blog |
| Detected Hints/Tags/Attributes | 147/3/55 |
Archive Viewer
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://any.run/cybersecurity-blog/hawkeye-malware-technical-analysis/ |
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | any.run | any.run |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 13 | ✔ | ANY.RUN's Cybersecurity Blog | https://any.run/cybersecurity-blog/feed/ | 2025-06-06 22:06 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 979 | any.run |
|
| Details | File | 206 | schtasks.exe |
|
| Details | File | 42 | vbc.exe |
|
| Details | File | 4 | holdermail.txt |
|
| Details | File | 13 | index.dat |
|
| Details | File | 17 | profiles.ini |
|
| Details | md5 | 3 | 60fabd1a2509b59831876d5e2aa71a6b |
|
| Details | md5 | 3 | defc51f31f6c4fa89cc6a39a62d8a08f |
|
| Details | md5 | 3 | dea59d578e0e64728780fb67dde7d96d |
|
| Details | md5 | 3 | 040058f70ffdee6398f7b64ae1ea46d3 |
|
| Details | md5 | 3 | e651dca5c850451cdba7f25cbb4134e7 |
|
| Details | md5 | 3 | de823ba5d67de8682e6d7b8b472dbbcb |
|
| Details | md5 | 3 | 25a2d98dfcf6a12ea6459882c56aa2e0 |
|
| Details | md5 | 3 | 179b219afa2ac15b14affd399273148b |
|
| Details | md5 | 3 | 38a3cb547a0a19a61534792f572f08b0 |
|
| Details | md5 | 3 | addcd85e0126e63e46da09eb8ea97120 |
|
| Details | md5 | 3 | 0a2f6501a36c1b13532139e3c1843109 |
|
| Details | md5 | 3 | 06916c9505da82f63a73768c6f336192 |
|
| Details | md5 | 3 | ab264deb2563dc4df8b281b18e0861ba |
|
| Details | IPv4 | 3 | 66.147.236.46 |
|
| Details | IPv4 | 3 | 204.141.42.56 |
|
| Details | IPv4 | 3 | 129.204.194.84 |
|
| Details | MITRE ATT&CK Techniques | 370 | T1036 |
|
| Details | MITRE ATT&CK Techniques | 312 | T1053 |
|
| Details | MITRE ATT&CK Techniques | 468 | T1547.001 |
|
| Details | MITRE ATT&CK Techniques | 92 | T1055.012 |
|
| Details | MITRE ATT&CK Techniques | 53 | T1074.001 |
|
| Details | MITRE ATT&CK Techniques | 231 | T1113 |
|
| Details | MITRE ATT&CK Techniques | 180 | T1555 |
|
| Details | MITRE ATT&CK Techniques | 342 | T1566.001 |
|
| Details | MITRE ATT&CK Techniques | 444 | T1204 |
|
| Details | MITRE ATT&CK Techniques | 321 | T1112 |
|
| Details | MITRE ATT&CK Techniques | 171 | T1564.001 |
|
| Details | MITRE ATT&CK Techniques | 428 | T1055 |
|
| Details | MITRE ATT&CK Techniques | 205 | T1562 |
|
| Details | MITRE ATT&CK Techniques | 638 | T1027 |
|
| Details | MITRE ATT&CK Techniques | 678 | T1140 |
|
| Details | MITRE ATT&CK Techniques | 247 | T1497 |
|
| Details | MITRE ATT&CK Techniques | 122 | T1552 |
|
| Details | MITRE ATT&CK Techniques | 191 | T1087 |
|
| Details | MITRE ATT&CK Techniques | 147 | T1518.001 |
|
| Details | MITRE ATT&CK Techniques | 232 | T1033 |
|
| Details | MITRE ATT&CK Techniques | 264 | T1012 |
|
| Details | MITRE ATT&CK Techniques | 244 | T1016 |
|
| Details | MITRE ATT&CK Techniques | 210 | T1518 |
|
| Details | MITRE ATT&CK Techniques | 806 | T1082 |
|
| Details | MITRE ATT&CK Techniques | 344 | T1005 |
|
| Details | MITRE ATT&CK Techniques | 167 | T1560 |
|
| Details | MITRE ATT&CK Techniques | 73 | T1114 |
|
| Details | MITRE ATT&CK Techniques | 95 | T1115 |
|
| Details | MITRE ATT&CK Techniques | 672 | T1105 |
|
| Details | MITRE ATT&CK Techniques | 485 | T1071 |
|
| Details | MITRE ATT&CK Techniques | 161 | T1571 |
|
| Details | MITRE ATT&CK Techniques | 20 | T1583.008 |
|
| Details | Windows Registry Key | 33 | HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |