Static task: static1
Behavioral task: behavioral1 (Sample: cac2x2m.exe, Resource: win7-20220901-en)
Behavioral task: behavioral2 (Sample: cac2x2m.exe, Resource: win10v2004-20221111-en)
Behavioral task: behavioral3 (Sample: x2m2cac.exe, Resource: win7-20220812-en)
Behavioral task: behavioral4 (Sample: x2m2cac.exe, Resource: win10v2004-20220812-en)
General
Target: Eternity-Tools.zip
Size: 97.3MB
MD5: ef755fba9d0196b4a911ecd749141e2e
SHA1: 65d3612c7ba59d3d415bbadfc5ee58e88ef794f7
SHA256: d49c261523d81d99490ad311a1162e3802df88363b91510f2d265a32cc0ca877
SHA512: 0ef0f342f6d9d0e83888b6241d6cbae3c8aa8f3180299b009a4836a9cbf6999417d6161a736594492ea8f23874178a255c559caaabff713601f4b770a657e849
SSDEEP: 1572864:p9JdXCbXXOE0CL/xbVp9tdXO0B+fiSklY9vGJaqFbAJbVrcQZf:pHCORCLpbVfvF+fiSh6aqFi54e
Files
- Eternity-Tools.zip.zip
- Cac2X2m.zip.zip
- cac2x2m.exe.exe windows x64
fd6c53335ce5f14380ced622e11f4a9c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
gdi32
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
CombineRgn
CreateBitmap
GetDIBits
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW
ole32
CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
CoTaskMemAlloc
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleIsCurrentClipboard
StringFromGUID2
CoCreateInstance
CoUninitialize
user32
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
GetWindowTextW
SetClipboardViewer
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetDC
ReleaseDC
GetSystemMenu
EnableMenuItem
GetSystemMetrics
GetWindowLongW
ScreenToClient
GetSysColor
SystemParametersInfoW
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
EnumWindows
RealGetWindowClassW
GetUserObjectSecurity
MessageBoxA
ChangeClipboardChain
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
MessageBeep
GetDoubleClickTime
SetWindowRgn
DestroyWindow
DefWindowProcW
imm32
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey
winmm
PlaySoundW
oleaut32
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantChangeType
SysStringLen
shell32
SHGetFileInfoW
ShellExecuteW
CommandLineToArgvW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
advapi32
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
kernel32
GetCommandLineA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
HeapAlloc
HeapFree
AreFileApisANSI
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
RtlPcToFileHeader
GetStringTypeW
DecodePointer
EncodePointer
VirtualFree
VirtualAlloc
CreateMutexW
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
EnumSystemLocalesW
HeapSize
GetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
FileTimeToSystemTime
HeapReAlloc
MoveFileW
CopyFileW
DeviceIoControl
GetTempPathW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetErrorMode
SetEndOfFile
GetLogicalDrives
FlushFileBuffers
GetModuleFileNameW
GetStartupInfoW
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
WaitForMultipleObjects
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
Sleep
DuplicateHandle
LoadLibraryW
GetSystemDirectoryW
LCMapStringW
GetLocalTime
GetSystemTime
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
LoadLibraryExW
ExitThread
SetStdHandle
SetFileAttributesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SystemTimeToTzSpecificLocalTime
WaitForSingleObjectEx
OutputDebugStringW
GetCommandLineW
GetUserDefaultLCID
CompareStringW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetConsoleWindow
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetProcessHeap
GetEnvironmentStringsW
FreeEnvironmentStringsW
FileTimeToLocalFileTime
PeekNamedPipe
GetModuleFileNameA
GetUserGeoID
SetEnvironmentVariableA
WriteConsoleW
CreateEventW
CloseHandle
GetLastError
SetEvent
ReleaseMutex
WaitForSingleObject
CreateThread
ResumeThread
FindClose
FindFirstFileExA
FindNextFileA
GetProcAddress
MultiByteToWideChar
CreateFileW
DeleteFileW
MoveFileExW
GetFileSizeEx
GetFileTime
GetFileType
ReadFile
SetFilePointerEx
WriteFile
GetTickCount
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
lstrcmpW
GetCurrentThreadId
GetModuleHandleW
LocalFree
FormatMessageW
IsValidLanguageGroup
IsValidLocale
ExpandEnvironmentStringsW
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId
ws2_32
WSAAsyncSelect
Sections
.text Size: 8.6MB - Virtual size: 8.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 481KB - Virtual size: 480KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmetad Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 1024B - Virtual size: 528B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 232KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
- changelog.txt
- x2m2cac.exe.exe windows x64
fd6c53335ce5f14380ced622e11f4a9c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
gdi32
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
CombineRgn
CreateBitmap
GetDIBits
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW
ole32
CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
CoTaskMemAlloc
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleIsCurrentClipboard
StringFromGUID2
CoCreateInstance
CoUninitialize
user32
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
GetWindowTextW
SetClipboardViewer
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetDC
ReleaseDC
GetSystemMenu
EnableMenuItem
GetSystemMetrics
GetWindowLongW
ScreenToClient
GetSysColor
SystemParametersInfoW
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
EnumWindows
RealGetWindowClassW
GetUserObjectSecurity
MessageBoxA
ChangeClipboardChain
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
MessageBeep
GetDoubleClickTime
SetWindowRgn
DestroyWindow
DefWindowProcW
imm32
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey
winmm
PlaySoundW
oleaut32
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantChangeType
SysStringLen
shell32
SHGetFileInfoW
ShellExecuteW
CommandLineToArgvW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
advapi32
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
kernel32
GetCommandLineA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
HeapAlloc
HeapFree
AreFileApisANSI
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
RtlPcToFileHeader
GetStringTypeW
DecodePointer
EncodePointer
VirtualFree
VirtualAlloc
CreateMutexW
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
EnumSystemLocalesW
HeapSize
GetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
FileTimeToSystemTime
HeapReAlloc
MoveFileW
CopyFileW
DeviceIoControl
GetTempPathW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetErrorMode
SetEndOfFile
GetLogicalDrives
FlushFileBuffers
GetModuleFileNameW
GetStartupInfoW
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
WaitForMultipleObjects
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
Sleep
DuplicateHandle
LoadLibraryW
GetSystemDirectoryW
LCMapStringW
GetLocalTime
GetSystemTime
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
LoadLibraryExW
ExitThread
SetStdHandle
SetFileAttributesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SystemTimeToTzSpecificLocalTime
WaitForSingleObjectEx
OutputDebugStringW
GetCommandLineW
GetUserDefaultLCID
CompareStringW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetConsoleWindow
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetProcessHeap
GetEnvironmentStringsW
FreeEnvironmentStringsW
FileTimeToLocalFileTime
PeekNamedPipe
GetModuleFileNameA
GetUserGeoID
SetEnvironmentVariableA
WriteConsoleW
CreateEventW
CloseHandle
GetLastError
SetEvent
ReleaseMutex
WaitForSingleObject
CreateThread
ResumeThread
FindClose
FindFirstFileExA
FindNextFileA
GetProcAddress
MultiByteToWideChar
CreateFileW
DeleteFileW
MoveFileExW
GetFileSizeEx
GetFileTime
GetFileType
ReadFile
SetFilePointerEx
WriteFile
GetTickCount
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
lstrcmpW
GetCurrentThreadId
GetModuleHandleW
LocalFree
FormatMessageW
IsValidLanguageGroup
IsValidLocale
ExpandEnvironmentStringsW
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId
ws2_32
WSAAsyncSelect
Sections
.text Size: 8.5MB - Virtual size: 8.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 478KB - Virtual size: 477KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmetad Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 1024B - Virtual size: 528B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 232KB - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
- Cycit.zip.zip
- Sample Quests.zip.zip
- XV2 Quest Importer.zip.zip
- XV2INS.zip.zip
- [OLD VERSION, for 1.19] xv2patcher_3.9.zip.zip
- dual_tool.zip.zip
- genser_3.6.zip.zip
- iggy_as3_test_0.2.rar.rar
- xv2patcher_3.91.zip.zip
- xv2savdec.zip.zip
- yace0.31.zip.zip