df4a737772b29322342ec04ad0ac4be6

Sharing

Copy URL Twitter E-mail

General

Target

df4a737772b29322342ec04ad0ac4be6
Size

468KB
MD5

df4a737772b29322342ec04ad0ac4be6
SHA1

65b1badc5895386c8dabd331fc0355e82b5fb6a2
SHA256

5a60290cf76ee34a9815a4dde71ae45a5d6f45ce56f85606da3dcf4e6d07bdfb
SHA512

60c245f18d410fe1e587d6f9fd95a9ac8ae3b69e21df5ebad801cb3e657071a8a71b3f2458e841a97ef8db4ee85fc9097b0d4029bafa4c9d91fbec48d55df664
SSDEEP

12288:BEh7aguvoaJnlBnOTpbtaBCcKr+wPPZ+hethj6U+xRNyIt:o7aCTuBCT/Ph+heHGzyq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/clickv2/bongo cat.exe

Files

df4a737772b29322342ec04ad0ac4be6
.zip
clickv2/bongo cat.exe
.exe windows:6 windows x86 arch:x86

1c5ed8c4da7a754a576887f6eab3b8a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\hamis\Desktop\neko\bongo cat\Release\bongo cat.pdb

Imports

opengl32

wglMakeCurrent
wglGetProcAddress
glFlush
wglDeleteContext
wglCreateContext
glIsEnabled
glGetString
glGetError
glVertexPointer
glTexCoordPointer
glEnableClientState
glDrawArrays
glDisableClientState
glColorPointer
glViewport
wglShareLists
glEnable
glDisable
glClearColor
glClear
glBlendFunc
glTexSubImage2D
glGenTextures
glDeleteTextures
glBindTexture
glTexParameteri
glTexImage2D
glMatrixMode
glLoadMatrixf
glLoadIdentity
glGetIntegerv

winmm

timeGetDevCaps
timeBeginPeriod
joyGetDevCapsW
joyGetPosEx
timeEndPeriod

gdi32

DescribePixelFormat
ChoosePixelFormat
SetPixelFormat
SwapBuffers
GetDeviceCaps
GetPixelFormat

kernel32

TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
GetVersion
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetUnhandledExceptionFilter
LoadLibraryA
LoadLibraryW
FreeLibrary
FormatMessageW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetLastError
GetCurrentProcess
UnhandledExceptionFilter
IsProcessorFeaturePresent
CreateEventW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
CloseHandle
LocalFree

user32

ChangeDisplaySettingsW
DestroyIcon
CreateIcon
GetWindowThreadProcessId
SetWindowLongW
GetWindowLongW
ClipCursor
MapWindowPoints
ScreenToClient
SetCursor
ShowCursor
AdjustWindowRect
GetClientRect
SetWindowTextW
SetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
SetWindowPos
FlashWindowEx
CreateWindowExW
UnregisterClassW
RegisterClassW
CallWindowProcW
DefWindowProcW
RegisterDeviceNotificationW
SendMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
ReleaseDC
ShowWindow
DestroyWindow
CreateWindowExA
LoadCursorW
GetDC
EnumDisplaySettingsW
GetKeyState
GetCursorPos
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetWindowRect
GetDesktopWindow
TrackMouseEvent

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

msvcp140

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?narrow@?$ctype@_W@std@@QBED_WD@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?_BADOFF@std@@3_JB
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
_Strcoll
_Strxfrm
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPBD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

vcruntime140

_except_handler4_common
memset
memmove
_CxxThrowException
memcpy
_purecall
__std_exception_destroy
__std_exception_copy
strchr
__std_terminate
__CxxFrameHandler3
strstr
memchr

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_seh_filter_exe
terminate
_configure_narrow_argv
_initialize_narrow_environment
_get_narrow_winmain_command_line
_errno
_initterm_e
exit
_exit
_controlfp_s
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
_initterm
_initialize_onexit_table
_register_onexit_function
_crt_atexit

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc
_set_new_mode
realloc

api-ms-win-crt-convert-l1-1-0

strtof
strtol

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode
__acrt_iob_func
fseek
feof
fopen_s
fflush
_get_stream_buffer_pointers
ungetc
fputc
fgetc
fread
fwrite
fgetpos
_fseeki64
fsetpos
setvbuf
fclose

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-math-l1-1-0

_libm_sse2_sin_precise
__setusermatherr
_libm_sse2_cos_precise
_libm_sse2_pow_precise
_libm_sse2_sqrt_precise
_except1
ldexp

api-ms-win-crt-string-l1-1-0

isdigit
strncmp

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clickv2/left.png
.png
clickv2/mouse.png
.png
clickv2/mousebg.png
.png
clickv2/right.png
.png
clickv2/settings.txt
clickv2/tablet.png
.png
clickv2/tabletbg.png
.png
clickv2/up.png
.png

Sharing

General

Malware Config

Signatures

Files

1c5ed8c4da7a754a576887f6eab3b8a7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

winmm

gdi32

kernel32

user32

advapi32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 206KB - Virtual size: 206KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 14KB

.rsrc Size: 42KB - Virtual size: 42KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 206KB - Virtual size: 206KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 14KB

.rsrc
Size: 42KB - Virtual size: 42KB

.reloc
Size: 10KB - Virtual size: 9KB