OnixClient[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

OnixClient.dll
Size

1.2MB
MD5

23d451e98280b15ae0024e6e3051eb97
SHA1

8e014a8f86c5b2a9388ee1ff683882532e0fa531
SHA256

8db3c374d51f96857a11aa2f6b2a4e5173567623c2d4f478f28b59bdb2faae3a
SHA512

c6ce5e88ce9c4c6fbb9b5a1bfdbe2ddd125c77abf512f263524a3a950d1d322ff7121c490ea28b457cff8ffa77b528ae4ca23844b542fb6a2fc97b0ad5dfd441
SSDEEP

24576:whGlKBIRRkbNmU6TRxzuc12kJSnc5Qo5s7IdZAwa+ux9V+b:B0BIRRkRITRxzp8aScM7UgM

Score

1^/10

Malware Config

Signatures

Files

OnixClient.dll
.dll windows x64

ab830c8212960bc38d2a92ae4f280618

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WideCharToMultiByte
GlobalUnlock
GlobalAlloc
GlobalFree
Sleep
GetLocalTime
DeleteFileA
GlobalMemoryStatusEx
K32GetProcessMemoryInfo
GetCurrentProcess
FreeLibraryAndExitThread
VirtualQuery
CreateThread
SetThreadPriority
GetCurrentThreadId
TerminateThread
K32GetModuleInformation
VirtualProtect
FlushInstructionCache
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentProcessId
OpenThread
GetThreadContext
SetThreadContext
SuspendThread
ResumeThread
GetModuleHandleW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
VirtualAlloc
GlobalLock
GetSystemInfo
TlsAlloc
LoadLibraryExW
GetModuleFileNameW
InterlockedFlushSList
InterlockedPushEntrySList
TlsGetValue
TlsSetValue
TlsFree
ReadFile
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleHandleExW
ExitProcess
GetStdHandle
GetConsoleMode
ReadConsoleW
RtlPcToFileHeader
SetLastError
WriteFile
GetConsoleOutputCP
GetFileSizeEx
CompareStringW
RtlUnwindEx
MultiByteToWideChar
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcAddress
LCMapStringW
GetLocaleInfoW
RtlUnwind
LoadLibraryA
GetModuleHandleA
CloseHandle
WaitForSingleObject
VirtualFree
WriteConsoleW
HeapSize
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
SetStdHandle
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale

user32

GetWindowRect
FindWindowA
UnregisterClassA
DestroyWindow
CreateWindowExA
DefWindowProcA
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
MapVirtualKeyA
SetCursorPos
GetKeyState
RegisterClassExA

api-ms-win-core-localization-l1-2-0

LCMapStringEx
FormatMessageA
GetCPInfo

api-ms-win-core-synch-l1-1-0

ResetEvent
CreateEventW
SetEvent
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
WaitForSingleObjectEx
TryEnterCriticalSection

api-ms-win-core-processthreads-l1-1-0

GetStartupInfoW
TerminateProcess

api-ms-win-core-processenvironment-l1-1-0

GetCurrentDirectoryW

api-ms-win-core-file-l1-1-0

CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
SetFileInformationByHandle
SetFilePointerEx
GetFullPathNameW
SetEndOfFile

api-ms-win-core-file-l1-2-2

AreFileApisANSI

api-ms-win-core-errorhandling-l1-1-0

GetLastError
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-string-l1-1-0

GetStringTypeW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-heap-l1-1-0

GetProcessHeap

urlmon

URLDownloadToFileA

ole32

CoIncrementMTAUsage

oleaut32

SysFreeString

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference

api-ms-win-core-winrt-error-l1-1-0

GetRestrictedErrorInfo

api-ms-win-core-winrt-error-l1-1-1

RoOriginateLanguageException

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

Exports

Exports

GetClientVersion
GetMinecraftVersion
icudtcoherent53_dat

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab830c8212960bc38d2a92ae4f280618

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

api-ms-win-core-localization-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-file-l1-2-2

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-file-l2-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-heap-l1-1-0

urlmon

ole32

oleaut32

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-core-winrt-l1-1-0

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 186KB - Virtual size: 186KB

.data Size: 8KB - Virtual size: 25KB

.pdata Size: 32KB - Virtual size: 32KB

_RDATA Size: 9KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 186KB - Virtual size: 186KB

.data
Size: 8KB - Virtual size: 25KB

.pdata
Size: 32KB - Virtual size: 32KB

_RDATA
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 5KB - Virtual size: 4KB