<<< Hide Navigation Hide TOC >>>

HAPPYWORK (656cd201-d57a-4a2f-a201-531eb4922a72)

HAPPYWORK is a malicious downloader that can download and execute a second-stage payload, collect system information, and beacon it to the command and control domains. The collected system information includes: computer name, user name, system manufacturer via registry, IsDebuggerPresent state, and execution path. In November 2016, HAPPYWORK targeted government and financial targets in South Korea.

Rows: 4

Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

---

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi

Close

?

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
	Clear Attack Pattern Tool		Clear Malware	Clear 1 2
HAPPYWORK (656cd201-d57a-4a2f-a201-531eb4922a72)	Tool	HAPPYWORK - S0214 (211cfe9f-2676-4e1c-a5f5-2c8091da2a68)	Malware	1
System Owner/User Discovery - T1033 (03d7999c-1f4c-42cc-8373-e7690d318104)	Attack Pattern	HAPPYWORK - S0214 (211cfe9f-2676-4e1c-a5f5-2c8091da2a68)	Malware	2
System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1)	Attack Pattern	HAPPYWORK - S0214 (211cfe9f-2676-4e1c-a5f5-2c8091da2a68)	Malware	2
Ingress Tool Transfer - T1105 (e6919abc-99f9-4c6c-95a5-14761e7b2add)	Attack Pattern	HAPPYWORK - S0214 (211cfe9f-2676-4e1c-a5f5-2c8091da2a68)	Malware	2