Resubmissions
23-04-2023 17:07
230423-vm2waagc9v 723-04-2023 17:03
230423-vkr83aeg34 723-04-2023 16:56
230423-vf3h8sef88 7Analysis
-
max time kernel
66s -
max time network
72s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
23-04-2023 16:56
General
-
Target
Hexa v1.5.zip
-
Size
21.5MB
-
MD5
fff80170492a9c4a8f4948ded88a36ae
-
SHA1
f1523517319cb5717cee0f06ae3500dca3be2a07
-
SHA256
871761e2556c306e5507c278fee29c3f507d4eb0efac36cb98dc432daa15784f
-
SHA512
7f37c7b76c1adb990f310282902a737b257689ee82141a0c291363399769f5cf63209e0028c112b519af5d2ceb8a09dad92cc1ad32d5ea9e023886d5edea10e5
-
SSDEEP
393216:hjsBtdiiH+F7w7ifc8Ms68AbEupoQIx+q03woJxKK9S0bj+rTObuHPXvL9Qk:hoBfiiH+hjfcttnAupoNx/awoJxKIS0E
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
Processes
-
C:\Windows\Explorer.exeC:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\Hexa v1.5.zip"1⤵
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe"1⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x5481⤵
- Suspicious use of AdjustPrivilegeToken