home

hex.exe

Hex Entertainment, LLC

This is a setup program which is used to install the application. The file has been seen being downloaded from cdn.juegoslevelup.com and multiple other hosts.
Publisher:
Hex Entertainment, LLC  (signed and verified)

Version:
4.5.2.157915

MD5:
9ae9bfcceb3f811dc4c99c5eb87f6468

SHA-1:
5c413cd8afce9a06cfd36d96339e2163c5cb926e

SHA-256:
2ce4bb148e4a5eb6ba1c2fe5d9b1bc176d3db643c16f200f989ebdb64dea7e2b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/19/2024 2:38:19 PM UTC  (today)

File size:
11 MB (11,545,152 bytes)

Product version:
4.5.2.157915

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:
Hex Entertainment, LLC

Authority:
GoDaddy.com, Inc.

Valid from:
7/10/2015 12:26:38 AM

Valid to:
7/9/2016 3:16:40 PM

Subject:
CN="Hex Entertainment, LLC", O="Hex Entertainment, LLC", L=Lake Forest, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00FB5F5F1C10B1AE7F

File PE Metadata
Compilation timestamp:
7/7/2014 12:51:00 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:P6JcvJsiL2NBNqDGjWNQZbJ7zCFph8B75uD+yPbg/Ls2xzLyLUdeptoQz8YNUQop:PCcvJsiL2NBNqD2WNsJ7zCFph8B75uDc

Entry address:
0x493883

Entry point:
E8, 87, 12, 01, 00, E9, 89, FE, FF, FF, 6A, 14, 68, B8, 3D, DE, 00, E8, 17, 1D, 00, 00, 83, 65, FC, 00, FF, 4D, 10, 78, 3A, 8B, 4D, 08, 2B, 4D, 0C, 89, 4D, 08, FF, 55, 14, EB, ED, 8B, 45, EC, 89, 45, E4, 8B, 45, E4, 8B, 00, 89, 45, E0, 8B, 45, E0, 81, 38, 63, 73, 6D, E0, 74, 0B, C7, 45, DC, 00, 00, 00, 00, 8B, 45, DC, C3, E8, 59, 37, 00, 00, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 0D, 1D, 00, 00, C2, 10, 00, 6A, 0C, 68, D8, 3D, DE, 00, E8, B9, 1C, 00, 00, 83, 65, E4, 00, 8B, 75, 0C, 8B, C6, 0F, AF, 45...
 
[+]

Code size:
8.3 MB (8,726,016 bytes)

The file hex.exe has been seen being distributed by the following 2 URLs.

http://cdn.juegoslevelup.com/Hex.exe

http://www.hexla.com/proxydown.php?f=http://.../Hex.exe

Scan hex.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.