(cache)Free Automated Malware Analysis Service

Submission name:

HWiNFO_Monitor_Setup.exe

Size:

4MiB

Type:

compressed innosetup

Mime:

application/vnd.microsoft.portable-executable

SHA256:

eefc0f986dd3ea376a4a54f80ce0dc3e6491165aefdd7d5d6005da3892ce248f Copy SHA256 to clipboard

Submitted At:

2026-04-09 23:30:40 (UTC)

Last Anti-Virus Scan:

2026-04-11 20:06:15 (UTC)

Last Sandbox Report:

2026-04-10 22:34:39 (UTC)

malicious

Threat Score: 100/100

AV Detection: 40%

Labeled As: Trojan[Backdoor]/Win64.Alien

#urlscanio

Community Score

MetaDefender
Multi Scan Analysis

Malicious (11/27)

Be alerted when interesting malware samples emerge. Every day, MalQuery ingests over 750,000 malware samples, you can use YARA to monitor MalQuery as new samples are added and be alerted via email or API when there is a match.

Learn more

Windows 11 64 bit

HWiNFO_Monitor_Setup.exe
April 10th 2026 22:34:39 (UTC)

Malicious

Threat Score:: 100/100
Indicators:: 1
24
134

Labeled As:: Trojan_Win32_Wacatac_C_ml
Characteristics:

Windows 7 64 bit

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:51 (UTC)

Malicious

Threat Score:: 77/100
Indicators:: 1
20
173

Labeled As:: ABTrojan.XSEH
Characteristics:

Windows 11 64 bit

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:37 (UTC)

Malicious

Threat Score:: 77/100
Indicators:: 1
25
143

Labeled As:: ABTrojan.XSEH
Characteristics:

Windows 10 64 bit

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:29 (UTC)

Malicious

Threat Score:: 77/100
Indicators:: 1
26
132

Labeled As:: ABTrojan.XSEH
Characteristics:

Windows 11 64 bit

HWiNFO_Monitor_Setup.exe
April 10th 2026 01:37:32 (UTC)

Malicious

Threat Score:: 71/100
Indicators:: 1
13
135

Labeled As:: ABTrojan.XSEH
Characteristics:

Windows 10 64 bit

HWiNFO_Monitor_Setup.exe
April 10th 2026 01:37:22 (UTC)

Malicious

Threat Score:: 76/100
Indicators:: 1
26
161

Labeled As:: ABTrojan.XSEH
Characteristics:

Timestamp	Input	Threat Level	Analysis Summary	Countries	Environment
April 10th 2026 04:43:51 (UTC)	HWiNFO_Monitor_Setup.exe	malicious	Threat Score: 77/100 Indicators:120173 Characteristics: ABTrojan.XSEH	-	Windows 7 64 bit
April 10th 2026 01:37:32 (UTC)	HWiNFO_Monitor_Setup.exe	malicious	Threat Score: 71/100 Indicators:113135 Characteristics: ABTrojan.XSEH	-	Windows 11 64 bit
April 10th 2026 04:43:37 (UTC)	HWiNFO_Monitor_Setup.exe	malicious	Threat Score: 77/100 Indicators:125143 Characteristics: ABTrojan.XSEH	-	Windows 11 64 bit
April 10th 2026 22:34:39 (UTC)	HWiNFO_Monitor_Setup.exe	malicious	Threat Score: 100/100 Indicators:124134 Characteristics: Trojan_Win32_Wacatac_C_ml	-	Windows 11 64 bit
April 10th 2026 01:37:22 (UTC)	HWiNFO_Monitor_Setup.exe	malicious	Threat Score: 76/100 Indicators:126161 Characteristics: ABTrojan.XSEH	-	Windows 10 64 bit
April 10th 2026 04:43:29 (UTC)	HWiNFO_Monitor_Setup.exe	malicious	Threat Score: 77/100 Indicators:126132 Characteristics: ABTrojan.XSEH	-	Windows 10 64 bit

Relations

Dropped Files (13)

Input	Threat Level	Actions
is-6I3VGSZG9M.tmp 776446faf98a68f6ebc36e800455645cf04197edd4c249c6b2fe178c86b18652	malicious
HWiNFO Monitor.lnk 0f7980d4f585cb2f2d7a8e8e7341cb4204f33559d7b5c2e392d14e52cde2c99d	no specific threat
#U0423#U0434#U0430#U043b#U0438#U0442#U044c HWiNFO Monitor.lnk 4f9177de31beb39cb36c65e48ff82d306a451cfd292fc58bd7e0878d69f04cf1	no specific threat
#U0423#U0434#U0430#U043b#U0438#U0442#U044c HWiNFO Monitor.lnk 6880c10f8c83f815ca0889b0e0e45dd72d59ff66ff4f8968b3bc43640406fa56	no specific threat
#U0423#U0434#U0430#U043b#U0438#U0442#U044c HWiNFO Monitor.lnk 6f90ba27873fb550e8880d493a04e65226f4bb3169e5e5a68ddbacc4d433cdc3	no specific threat
#U0423#U0434#U0430#U043b#U0438#U0442#U044c HWiNFO Monitor.lnk aac63919728be13e970292dc44bfe15e95ae2d14af18b4717ad0d4e3ce1c2aca	no specific threat
HWiNFO Monitor.lnk c9248e49a0a229000db8ac4ca19e1d9c3a2adb21653f5b4211d1fc2405bb019c	no specific threat
#U0423#U0434#U0430#U043b#U0438#U0442#U044c HWiNFO Monitor.lnk d34a3629b9c92402bcefe17ee8bb3a224549efe491a944be93579348902db0c9	no specific threat
HWMonitor_x64.exe 02db6764d1f13b837b0a525e5931bdbc67e7a2a4d071e849c7e087255d4a2d5b	suspicious
is-1OSQQPAUME.tmp 5e9b42e797477b04e2cd2c17de7a43830378a5813c486beba29edb655c898a62	suspicious

Risk Assessment

Remote Access: Reads terminal service related keys (often RDP related)
Spyware: Found a string that may be used as part of an injection method
Persistence: Writes data to a remote process
Evasive: Marks file for deletion

MITRE ATT&CK™ Techniques Detection

We found MITRE ATT&CK™ data in 6 reports, on average each report has 165 mapped indicators. View all details

Anonymous commented 1 day ago
File provided by #urlscanio

You must be logged in to submit a comment.

Scrutiny		Vir.IT eXplorer
K7	Riskware ( 00584baa1 )	AhnLab	Trojan/Win.Generic
Aurora	Malware_-6	CMC	Trojan_Win32_Wacatac_C_ml
Xcitium		RocketCyber
ClamAV		Huorong
Bitdefender		Trellix
Gridinsoft	Trojan.Win32.Wacatac.cl	Avira
Filseclab	UDS:Trojan.Generic.jyce	Zillya!
Sophos	Troj/MDrop-KHO	VirusBlokAda
NETGATE		TACHYON
Varist	W32/ABTrojan.XSEH-1374	Antiy	Trojan[Backdoor]/Win64.Alien
SentinelOne		Lionic	Trojan.Win32.OfRat.tt66
Emsisoft		NANOAV
ESET	Win64/Agent.IZS trojan

Multi-Process	Extracted Files	Sample not shared
Network Traffic	TOR analysis	Decrypted SSL traffic

Analysis Overview Request Report Deletion Show Sample Content

Anti-Virus Results

MetaDefender
Multi Scan Analysis

Malicious (11/27)

Falcon Sandbox Reports (6) Characteristics Legend Show All As List Submit

HWiNFO_Monitor_Setup.exe
April 10th 2026 22:34:39 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:51 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:37 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:29 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe
April 10th 2026 01:37:32 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe
April 10th 2026 01:37:22 (UTC)

Malicious

Relations

Incident Response

Risk Assessment

MITRE ATT&CK™ Techniques Detection

Community

Anonymous commented 1 day ago

ABOUT COOKIES ON THIS SITE

Your Privacy

Strictly Necessary Cookies

Performance Cookies

Functional Cookies

Targeting Cookies

Your Privacy

Strictly Necessary Cookies

Performance Cookies

Functional Cookies

Targeting Cookies

Cookie List

Analysis Overview Request Report Deletion Show Sample Content

Anti-Virus Results Updated 1 hour ago

MetaDefender Multi Scan Analysis

Malicious (11/27)

Falcon Sandbox Reports (6) Characteristics Legend Show All As List Submit

HWiNFO_Monitor_Setup.exe April 10th 2026 22:34:39 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe April 10th 2026 04:43:51 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe April 10th 2026 04:43:37 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe April 10th 2026 04:43:29 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe April 10th 2026 01:37:32 (UTC)

Malicious

HWiNFO_Monitor_Setup.exe April 10th 2026 01:37:22 (UTC)

Malicious

Relations

Incident Response

Risk Assessment

MITRE ATT&CK™ Techniques Detection

Community

Anonymous commented 1 day ago

Vetting required

Request Report Deletion

Link

Anti-Virus Results

MetaDefender
Multi Scan Analysis

HWiNFO_Monitor_Setup.exe
April 10th 2026 22:34:39 (UTC)

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:51 (UTC)

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:37 (UTC)

HWiNFO_Monitor_Setup.exe
April 10th 2026 04:43:29 (UTC)

HWiNFO_Monitor_Setup.exe
April 10th 2026 01:37:32 (UTC)

HWiNFO_Monitor_Setup.exe
April 10th 2026 01:37:22 (UTC)