Overview

overview

3

Static

static

1

Hotline Mi...v2.exe

windows7-x64

1

Hotline Mi...v2.exe

windows10-2004-x64

1

data.win

windows7-x64

3

data.win

windows10-2004-x64

3

options.ini

windows7-x64

1

options.ini

windows10-2004-x64

1

Analysis

  • max time kernel
    66s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    16-03-2023 21:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Hotline Miami 3D Text Generator v2.exe

  • Size

    5.9MB

  • MD5

    7c017eb90fde9db2dcc728bf952281f4

  • SHA1

    409435d515277ffeb164d70d6f1e314cd102517f

  • SHA256

    b21e12727d35cb713d18ef78d7562275a59bc55adfebe8f15745d0081c0b5ca4

  • SHA512

    de7aa88b7a29387c08c67e7d759aad77f12dd1b25dc617fc8c46e2b9bfb76537c33bb36614999b2c7ee65bc6be103bcfc9f4210356832f60da8d946d2a0636cb

  • SSDEEP

    49152:l2XRgESS97T3w8aXiQaVLj5ao6BlyI2d+VRKpVOBCG2d458AfTEcWmg0NaSDl3BB:UasFrcX9Rrj8aPdg0EGUZkrMp4Vj5

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Hotline Miami 3D Text Generator v2.exe
    "C:\Users\Admin\AppData\Local\Temp\Hotline Miami 3D Text Generator v2.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1868
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x560
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1336
  • C:\Users\Admin\AppData\Local\Temp\Hotline Miami 3D Text Generator v2.exe
    "C:\Users\Admin\AppData\Local\Temp\Hotline Miami 3D Text Generator v2.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:1200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1200-90-0x000007FFFFFA0000-0x000007FFFFFB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1868-68-0x000007FFFFFA0000-0x000007FFFFFB0000-memory.dmp

    Filesize

    64KB

    Download