MCC-Loader-Premium-main[.]zip

Resubmissions

02-06-2024 16:51

240602-vc1kgahg76 7

02-06-2024 16:50

240602-vcjlyshg64 7

02-06-2024 16:49

240602-vbt2ashg39 5

02-06-2024 16:45

240602-t9mjfagh5y 7

Sharing

Copy URL

Twitter E-mail

General

Target

MCC-Loader-Premium-main.zip
Size

46.7MB
MD5

343ac8939ff1f2d87e28326856293242
SHA1

d9320eb9f2a07a9ba4f26b56d9eb231bab29713a
SHA256

dbcf0ec08edb25ba62768afdbbae7f7d5259f7699db538d2e267e5615f15b0bf
SHA512

055c4501ca7b664a17e223e775147fc90324e7270e7b6cab28e0be43eb744735cf6ecba1108c8433d8cde6f00cc24ca076595ad545970f472f9836cc7ea8d5c3
SSDEEP

786432:zwCdjQLpL7NAJ2Rt00kRmSVv1n5xdJ2Rt00kRmSVv1n5xtJ2Rt00kRmSVv1n5xMU:zZKpL7Iaq0k5TnT7aq0k5TnTLaq0k5T5

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 3 IoCs

pyinstaller

resource	yara_rule
static1/unpack004/1337hertz.github.io-main/Loader.exe	pyinstaller
static1/unpack007/mcc-loader-free-main/Loader.exe	pyinstaller
static1/unpack007/mcc-loader-free-main/Loader.txt	pyinstaller

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MCC-Loader-Premium-main/cmdbkg.exe
unpack004/1337hertz.github.io-main/Loader.exe
unpack007/mcc-loader-free-main/Loader.exe
unpack007/mcc-loader-free-main/Loader.txt

Files

MCC-Loader-Premium-main.zip
.zip
MCC-Loader-Premium-main/!Multi
MCC-Loader-Premium-main/!PyClickerTrigger(MCC-LOADER)
MCC-Loader-Premium-main/!Utils
MCC-Loader-Premium-main/AnyDesk(IdkWhatIsThisFor).zip
.zip
psdwas-main/AnyDesk.exe
.exe windows:5 windows x86 arch:x86

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:bf:15:2d:ea:f0:b9:81:a8:a9:38:d5:3f:76:9d:b8
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13-12-2021 00:00

Not After

08-01-2025 23:59

Subject

CN=philandro Software GmbH,O=philandro Software GmbH,L=Stuttgart,ST=Baden-Württemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:bf:15:2d:ea:f0:b9:81:a8:a9:38:d5:3f:76:9d:b8
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13-12-2021 00:00

Not After

08-01-2025 23:59

Subject

CN=philandro Software GmbH,O=philandro Software GmbH,L=Stuttgart,ST=Baden-Württemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e3:1f:40:78:a5:4d:5b:60:07:52:5f:03:34:50:93:09:91:b2:c2:4e:37:d1:f5:a4:2a:3b:35:ac:8a:31:3d:6e
Signer

Actual PE Digest

e3:1f:40:78:a5:4d:5b:60:07:52:5f:03:34:50:93:09:91:b2:c2:4e:37:d1:f5:a4:2a:3b:35:ac:8a:31:3d:6e

Digest Algorithm

sha256

PE Digest Matches

true

9a:85:53:c1:0b:36:9d:78:df:2b:56:64:6a:1b:c9:2c:60:4b:ec:a6
Signer

Actual PE Digest

9a:85:53:c1:0b:36:9d:78:df:2b:56:64:6a:1b:c9:2c:60:4b:ec:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Buildbot\ad-windows-32\build\release\app-32\win_loader\AnyDesk.pdb

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 12.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 762B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
psdwas-main/sdsd
MCC-Loader-Premium-main/ConfigNotAvailable
MCC-Loader-Premium-main/LiquidBounce
MCC-Loader-Premium-main/Minecraft
MCC-Loader-Premium-main/Private
MCC-Loader-Premium-main/README-MCCREPO.md
MCC-Loader-Premium-main/README.md
MCC-Loader-Premium-main/Raven
MCC-Loader-Premium-main/Rise
MCC-Loader-Premium-main/SMSSpammer
MCC-Loader-Premium-main/SSTool.zip
.zip
SSTool
exclusive.bmp
main.py
MCC-Loader-Premium-main/SStool
MCC-Loader-Premium-main/VapeClient
MCC-Loader-Premium-main/Vestage
MCC-Loader-Premium-main/bgbg.bmp
MCC-Loader-Premium-main/cmdbkg.exe
.exe windows:4 windows x86 arch:x86

ef8cd7f18a9b59b15033fbc2e15348e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

dwmapi

DwmGetWindowAttribute

gdi32

BitBlt
CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
GetObjectW
SelectObject

gdiplus

GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdiplusShutdown
GdiplusStartup

kernel32

CloseHandle
CreateEventW
CreateFileW
CreateProcessW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
EnterCriticalSection
FreeConsole
FreeLibrary
GetCommandLineW
GetConsoleWindow
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStartupInfoW
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalFree
Process32FirstW
Process32NextW
PulseEvent
QueryPerformanceCounter
ReadConsoleOutputAttribute
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_initterm
_iob
_onexit
_wcsicmp
abort
calloc
exit
fprintf
fputs
free
fwrite
malloc
memcmp
memcpy
puts
signal
strlen
strncmp
vfprintf
wcscmp
wcstoul

shell32

CommandLineToArgvW

user32

CopyImage
CreateWindowExW
DefWindowProcW
DispatchMessageW
EnumWindows
GetDC
GetForegroundWindow
GetMessageW
GetMonitorInfoW
GetSystemMetrics
GetWindowLongW
GetWindowRect
GetWindowThreadProcessId
IsIconic
IsWindow
KillTimer
LoadCursorW
MonitorFromWindow
PostMessageW
PostQuitMessage
RedrawWindow
RegisterClassW
ReleaseDC
SendMessageW
SendNotifyMessageW
SetForegroundWindow
SetLayeredWindowAttributes
SetTimer
SetWinEventHook
SetWindowLongW
SetWindowPos
UnhookWinEvent
WaitForInputIdle

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MCC-Loader-Premium-main/github.com-0xwhxyu/1337hertz.github.io-main.zip
.zip
1337hertz.github.io-main/1337/assets/audio/whxyu.mp3
1337hertz.github.io-main/1337/assets/media/angelina_kapllani.png
.png
1337hertz.github.io-main/1337/assets/media/favicon.gif
.gif
1337hertz.github.io-main/1337/css/anim.css
1337hertz.github.io-main/1337/css/cosmo.css
1337hertz.github.io-main/1337/css/style.css
1337hertz.github.io-main/1337/css/whxyu.css
1337hertz.github.io-main/1337/index.html
.html
1337hertz.github.io-main/1337/js/audio.js
.js
1337hertz.github.io-main/1337/js/sparkle.js
.js
1337hertz.github.io-main/CNAME
1337hertz.github.io-main/Loader.exe
.exe windows:5 windows x64 arch:x64

bae3d3e8262d7ce7e9ee69cc1b630d3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

GetWindowThreadProcessId
ShowWindow

kernel32

GetModuleFileNameW
CreateSymbolicLinkW
GetProcAddress
GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
SetDllDirectoryW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetConsoleWindow
HeapSize
GetLastError
WriteConsoleW
SetEndOfFile
GetStartupInfoW
TlsSetValue
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
HeapReAlloc
GetFileAttributesExW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCC.pyc
1337hertz.github.io-main/MAS_AIO.cmd
.cmd .vbs
1337hertz.github.io-main/README.md
1337hertz.github.io-main/banner.png
.png
1337hertz.github.io-main/htaccess
1337hertz.github.io-main/index.html
.html
1337hertz.github.io-main/no.bat
1337hertz.github.io-main/proxy
MCC-Loader-Premium-main/github.com-0xwhxyu/infectcord-src-main.zip
.zip
infectcord-src-main/afk_data.json
infectcord-src-main/auto_messages.json
infectcord-src-main/auto_responses.json
infectcord-src-main/config.ini
infectcord-src-main/infreq.txt
infectcord-src-main/install.bat
infectcord-src-main/main.py
infectcord-src-main/patchnotes.md
infectcord-src-main/readme.md
infectcord-src-main/start.bat
MCC-Loader-Premium-main/github.com-0xwhxyu/mcc-loader-free-main.zip
.zip
mcc-loader-free-main/Loader.exe
.exe windows:5 windows x64 arch:x64

bae3d3e8262d7ce7e9ee69cc1b630d3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

GetWindowThreadProcessId
ShowWindow

kernel32

GetModuleFileNameW
CreateSymbolicLinkW
GetProcAddress
GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
SetDllDirectoryW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetConsoleWindow
HeapSize
GetLastError
WriteConsoleW
SetEndOfFile
GetStartupInfoW
TlsSetValue
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
HeapReAlloc
GetFileAttributesExW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCC.pyc
mcc-loader-free-main/Loader.txt
.exe windows:5 windows x64 arch:x64

bae3d3e8262d7ce7e9ee69cc1b630d3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

GetWindowThreadProcessId
ShowWindow

kernel32

GetModuleFileNameW
CreateSymbolicLinkW
GetProcAddress
GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
SetDllDirectoryW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetConsoleWindow
HeapSize
GetLastError
WriteConsoleW
SetEndOfFile
GetStartupInfoW
TlsSetValue
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
HeapReAlloc
GetFileAttributesExW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCC.pyc
MCC-Loader-Premium-main/github.com-0xwhxyu/run-main.zip
.zip
MCC-Loader-Premium-main/main

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

0d:bf:15:2d:ea:f0:b9:81:a8:a9:38:d5:3f:76:9d:b8Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:bf:15:2d:ea:f0:b9:81:a8:a9:38:d5:3f:76:9d:b8Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

e3:1f:40:78:a5:4d:5b:60:07:52:5f:03:34:50:93:09:91:b2:c2:4e:37:d1:f5:a4:2a:3b:35:ac:8a:31:3d:6eSigner

9a:85:53:c1:0b:36:9d:78:df:2b:56:64:6a:1b:c9:2c:60:4b:ec:a6Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 10KB - Virtual size: 10KB

.itext Size: - Virtual size: 12.7MB

.rdata Size: 1024B - Virtual size: 762B

.data Size: 3.8MB - Virtual size: 3.8MB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 768B

ef8cd7f18a9b59b15033fbc2e15348e2

Headers

File Characteristics

Imports

dwmapi

gdi32

gdiplus

kernel32

msvcrt

shell32

user32

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 60B

.rdata Size: 2KB - Virtual size: 1KB

.eh_fram Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

bae3d3e8262d7ce7e9ee69cc1b630d3a

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 3KB - Virtual size: 12KB

.pdata Size: 9KB - Virtual size: 8KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

0d:bf:15:2d:ea:f0:b9:81:a8:a9:38:d5:3f:76:9d:b8
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:bf:15:2d:ea:f0:b9:81:a8:a9:38:d5:3f:76:9d:b8
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

e3:1f:40:78:a5:4d:5b:60:07:52:5f:03:34:50:93:09:91:b2:c2:4e:37:d1:f5:a4:2a:3b:35:ac:8a:31:3d:6e
Signer

9a:85:53:c1:0b:36:9d:78:df:2b:56:64:6a:1b:c9:2c:60:4b:ec:a6
Signer

.text
Size: 10KB - Virtual size: 10KB

.itext
Size: - Virtual size: 12.7MB

.rdata
Size: 1024B - Virtual size: 762B

.data
Size: 3.8MB - Virtual size: 3.8MB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 768B

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 60B

.rdata
Size: 2KB - Virtual size: 1KB

.eh_fram
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 12KB

.pdata
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 12KB

.pdata
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 12KB

.pdata
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 1KB