Aionbotnet[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Aionbotnet.zip
Size

82.8MB
MD5

3a430fa2e3ddc6f15eb694e739a159f7
SHA1

2d94671fc1b4d78932bac0caba810861156a81bb
SHA256

891cce9bf8bb79da2d4e711c33f16fae33de79204c1d052a4a9fc786e16b8f5f
SHA512

ecbaaeaf23ce7afb8e74a0c957e02034dd9760a9fa1b3b243ad2fa4d01ef3d85db2fcb25a13f431d09362f58394d588bd21516c37bbe684923dd2f3c34353b7b
SSDEEP

1572864:sDJT/vu9+0Z6Zs49/eEAFieF/+/QgiGHw/yuDPAA1Pyafdff0P6/Fcxwv6Dst:sDYMLKORAFie9gQBGHw/yuTAuKOKPmcs

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 2 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/Aionbotnet/AionBotnet.Client.exe	vmprotect
static1/unpack001/Aionbotnet/AionBotnet.MemoryFoam.dll	vmprotect

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Aionbotnet/AionBotnet.AccountManager.exe
unpack001/Aionbotnet/AionBotnet.AionGame.dll
unpack001/Aionbotnet/AionBotnet.Client.exe
unpack001/Aionbotnet/AionBotnet.Core.dll
unpack001/Aionbotnet/AionBotnet.Esp.dll
unpack001/Aionbotnet/AionBotnet.Language.dll
unpack001/Aionbotnet/AionBotnet.Memory.dll
unpack001/Aionbotnet/AionBotnet.MemoryFoam.dll
unpack001/Aionbotnet/AionBotnet.PrivateScriptLibrary.dll
unpack001/Aionbotnet/AionBotnet.ScriptLibrary.dll
unpack001/Aionbotnet/Reflex.Memory.dll
unpack001/Aionbotnet/WpfRadarControl.dll

Files

Aionbotnet.zip
.zip
Aionbotnet/AionBotnet.AccountManager.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.AionGame.dll
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 911KB - Virtual size: 911KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.Client.exe
.exe windows x64

9ca4724f0ebe154fa253170e440224b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCommandLineW
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

shell32

CommandLineToArgvW

ole32

CoInitializeEx

oleaut32

SafeArrayCreate

msvcp140

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

mscoree

CLRCreateInstance

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__C_specific_handler

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func

api-ms-win-crt-runtime-l1-1-0

terminate

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

wtsapi32

WTSSendMessageW

user32

GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

Sections

.text
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.Core.dll
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 445KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.Esp.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.Language.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.Memory.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.MemoryFoam.dll
.dll windows x64

497c4014bd3ac7cf05acf8661c079aea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

StartServiceA

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z

ntdll

NtDeviceIoControlFile

vcruntime140

__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

malloc

wtsapi32

WTSSendMessageW

user32

GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

Exports

Exports

AttachProcessById
DetachProcess
ReadMemoryBool
ReadMemoryByte
ReadMemoryBytes
ReadMemoryDouble
ReadMemoryFloat
ReadMemoryInt
ReadMemoryLong
ReadMemoryUnsignedInt
ReadMemoryUnsignedLong
WriteMemoryByte
WriteMemoryBytes
WriteMemoryDouble
WriteMemoryFloat
WriteMemoryInt
WriteMemoryLong
WriteMemoryUnsignedInt
WriteMemoryUnsignedLong

Sections

.text
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.PrivateScriptLibrary.dll
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/AionBotnet.ScriptLibrary.dll
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/Reflex.Memory.dll
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/Script/Profiles/AionClassic - Grinder/Click To Kill/settings.xml
.xml
Aionbotnet/Script/Profiles/AionClassic - Grinder/Default/settings.xml
.xml
Aionbotnet/Script/Profiles/AionClassic - Grinder/Waypoints/EmptyWaypoint.wxml
Aionbotnet/Script/Profiles/Include/Waypoints/EmptyWaypoint.wxml
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Aethertech.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/AionClassBase.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/AionClassBaseSetting.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/AionClassCreatorDefaultFactory.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/AionClassFactory.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Assassin.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Chanter.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Cleric.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Cleric.cs0
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Executor.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Gladiator.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Gunslinger.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Mage.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Muse.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Painter.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Priest.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Ranger.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Scout.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Soldier.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Songweaver.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Sorcerer.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Spiritmaster.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Technist.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Templar.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/Warrior.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/AionClass/eAionClass.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/Chinese.txt
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/CombatSystemBase.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/CombatSystemDefaultSetting.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/CombatSystemSettingBase.cs
Aionbotnet/Script/Source/Include/AionClassic/Include/CombatSystem/Korean.txt
Aionbotnet/Script/Source/Include/AionClassic/Include/CustomScriptConfigurationAttribute.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/ItemBuffHelper.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/PetMinionHelper.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/PotionHelper.cs
.js
Aionbotnet/Script/Source/Include/AionClassic/Include/ShardHelper.cs
.js
Aionbotnet/Script/Source/Include/ClientBuffStatusDialogHelper.cs
.js
Aionbotnet/Script/Source/Include/GenericHelpers.cs
.js
Aionbotnet/Script/Source/Include/GoldSandShopHelper.cs
.js
Aionbotnet/Script/Source/Include/PetMinionHelper.cs
.js
Aionbotnet/Script/Source/Include/ShardHelper.cs
.js
Aionbotnet/Script/Source/Include/TransformationHelper.cs
.js
Aionbotnet/Script/Source/Include/version.ini
Aionbotnet/Setting/AccountManagerSettings.xml
.xml
Aionbotnet/Setting/AionBotSettings.xml
.xml
Aionbotnet/Setting/AionGraphics/EU/SystemOptionGraphics_lowsettings.cfg
Aionbotnet/Setting/AionGraphics/EU/SystemOptionGraphics_normalsettings.cfg
Aionbotnet/Setting/AionGraphics/EU/system_lowsettings.cfg
Aionbotnet/Setting/AionGraphics/EU/system_normalsettings.cfg
Aionbotnet/Setting/AionGraphics/NA/SystemOptionGraphics_lowsettings.cfg
Aionbotnet/Setting/AionGraphics/NA/SystemOptionGraphics_normalsettings.cfg
Aionbotnet/Setting/AionGraphics/NA/system_lowsettings.cfg
Aionbotnet/Setting/AionGraphics/NA/system_normalsettings.cfg
Aionbotnet/Setting/AlertDiscordHook.ini
Aionbotnet/Setting/AlertSettings.xml
.xml
Aionbotnet/Setting/CheatingTool.xml
.xml
Aionbotnet/Setting/EspSettings.xml
.xml
Aionbotnet/Setting/Radar.xml
.xml
Aionbotnet/Setting/Skills.xml
.xml
Aionbotnet/Setting/SkillsAionClassic.xml
.xml
Aionbotnet/Setting/SkillsAionClassic20.xml
.xml
Aionbotnet/Setting/SkillsAionClassic24.xml
.xml
Aionbotnet/Setting/SkillsAionClassic27.xml
.xml
Aionbotnet/Setting/name.ini
Aionbotnet/Sounds/Death.mp3
Aionbotnet/Sounds/EnemyPlayer_Alarm.mp3
Aionbotnet/Sounds/FriendlyPlayer_Alarm.mp3
Aionbotnet/Sounds/GM_Alarm.mp3
Aionbotnet/Sounds/InventoryFull.mp3
Aionbotnet/Sounds/Message_Alarm.mp3
Aionbotnet/WpfRadarControl.dll
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aionbotnet/data.ncf
.zip
Aionbotnet/map.dat

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 12KB - Virtual size: 11KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 911KB - Virtual size: 911KB

.rsrc Size: 1024B - Virtual size: 964B

9ca4724f0ebe154fa253170e440224b6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

ole32

oleaut32

msvcp140

mscoree

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

wtsapi32

user32

Sections

.text Size: - Virtual size: 7KB

.rdata Size: - Virtual size: 5.0MB

.data Size: - Virtual size: 22KB

.pdata Size: - Virtual size: 780B

.vmp0 Size: - Virtual size: 3.3MB

.vmp1 Size: 8.2MB - Virtual size: 8.2MB

.reloc Size: 512B - Virtual size: 200B

.rsrc Size: 1.0MB - Virtual size: 1.0MB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 445KB - Virtual size: 445KB

.rsrc Size: 1024B - Virtual size: 932B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 432KB - Virtual size: 431KB

.rsrc Size: 1024B - Virtual size: 932B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 112KB - Virtual size: 112KB

.rsrc Size: 1024B - Virtual size: 892B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 84KB - Virtual size: 84KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 12KB - Virtual size: 11KB

.text
Size: 911KB - Virtual size: 911KB

.rsrc
Size: 1024B - Virtual size: 964B

.text
Size: - Virtual size: 7KB

.rdata
Size: - Virtual size: 5.0MB

.data
Size: - Virtual size: 22KB

.pdata
Size: - Virtual size: 780B

.vmp0
Size: - Virtual size: 3.3MB

.vmp1
Size: 8.2MB - Virtual size: 8.2MB

.reloc
Size: 512B - Virtual size: 200B

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 445KB - Virtual size: 445KB

.rsrc
Size: 1024B - Virtual size: 932B

.text
Size: 432KB - Virtual size: 431KB

.rsrc
Size: 1024B - Virtual size: 932B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 1024B - Virtual size: 892B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 1024B - Virtual size: 948B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: - Virtual size: 13KB

.rdata
Size: - Virtual size: 47KB

.data
Size: - Virtual size: 1KB

.pdata
Size: - Virtual size: 1KB

.vmp0
Size: - Virtual size: 3.3MB

.vmp1
Size: 5.2MB - Virtual size: 5.2MB

.reloc
Size: 512B - Virtual size: 184B

.rsrc
Size: 512B - Virtual size: 233B

.text
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 5.2MB - Virtual size: 5.2MB

.rsrc
Size: 1024B - Virtual size: 1012B

.text
Size: 156KB - Virtual size: 155KB

.rsrc
Size: 1024B - Virtual size: 964B

.text
Size: 236KB - Virtual size: 236KB

.rsrc
Size: 1024B - Virtual size: 932B