 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: SilverHawk| Names | SilverHawk | |
| Category | Malware | |
| Type | Backdoor, Info stealer, Exfiltration | |
| Description | (Lookout) App Capabilities: • Record Audio o Stream environment audio over raw socket when instructed • Take photos with device camera • Survival counter - failed server connections and it stops • Retrieve files from external storage o Top directory o Downloads, Pictures, DCIM directories o WhatsApp, Telegram, Viber, ShareIt content o Files sent over Bluetooth • File utility to copy, move, rename, and delete files • Download attacker specified files • Enumerate installed apps incl. date & time installed • Attempt to execute attacker specified commands or binary as root • Retrieve contacts and related data: o Call logs o Contacts o Text Messages • Location, direction, and acceleration of the device • Remotely updateable C2 IP and port • Hide Icon • Device information o Retrieve battery levels, WiFi and GPS status, storage and cellular carrier info | |
| Information | <https://i.blackhat.com/eu-18/Wed-Dec-5/eu-18-DelRosso-Under-the-SEA.pdf> | |
Last change to this tool card: 20 April 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Syrian Electronic Army (SEA), Deadeye Jackal |  | 2011-Aug 2021 |  | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |