HAPPYWORK

Description

(FireEye) HAPPYWORK is a malicious downloader that can download and execute a second-stage payload, collect system information, and beacon it to the command and control domains. The collected system information includes: computer name, user name, system manufacturer via registry, IsDebuggerPresent state, and execution path.

In November 2016, HAPPYWORK targeted government and financial targets in South Korea.

Names

Name
HAPPYWORK

Type

Downloader
Reconnaissance

Information

https://www2.fireeye.com/rs/848-DID-242/images/rpt_APT37.pdf

Mitre Attack

https://attack.mitre.org/software/S0214/

Other Information

Uuid

b7302a45-e3d2-4711-a21f-7de0935de2ba

Last Card Change

2020-04-23

Threat Intelligence Garden

Explorer

HAPPYWORK

HAPPYWORK

Description

Names

Category

Type

Information

Mitre Attack

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks