Static task
static1
General
-
Target
cleo.rar
-
Size
633KB
-
MD5
668b60ee7307f2f4c1ded6294a1dfa8b
-
SHA1
22b44ba68899853713dc56a46be5421d2571c257
-
SHA256
0b5ffd4786ab842728d8b0cb9d35a26e2c8f1fe77901c22390c8d36369615acb
-
SHA512
d9c191bc50a6f56e60e0ed07eaaafd7c1370897bc859d9f7aea848fa327b3c97d640bacfd8994f09e62f6c2bbbbff79dcc2471677edb3a0763ff07295ff9b9a3
-
SSDEEP
12288:jLHyhWer0NYrkFSYFRMw89J34MRFHavwf3rTBs+528dstr0i4rtttcjyL+:yh/r0erCScRE9J3fRFHavC3/BsZ8dstT
Malware Config
Signatures
-
Unsigned PE 3 IoCs
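Checks for a missing Authenticode signature. An unsigned PE is a weak indicator on its own: it means the file's publisher and integrity cannot be verified from a signature, not that the file is malicious.
resource
unpack001/cleo/FileSystemOperations.cleo
unpack001/cleo/IniFiles.cleo
unpack001/cleo/IntOperations.cleo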
Files
-
cleo.rar.rar
-
cleo/Enhance ParticleTXD (Junior_Djjr).cs.vbs
-
cleo/Enhance ParticleTXD.ini
-
cleo/FPS_UNLOCK.cs
-
cleo/FileSystemOperations.cleo.dll windows:6 windows x86 arch:x86
dffc22e192845817859859bcb035ab68
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
cleo.asi
ord8
ord6
ord3
ord5
ord12
kernel32
MoveFileA
FindFirstFileA
FindNextFileA
FindClose
CopyFileA
GetFileAttributesA
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
CreateFileW
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
DecodePointer
WriteConsoleW
user32
MessageBoxA
Sections
.text Size: 62KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
cleo/FixDIST.cs
-
cleo/HUDFix.cs
-
cleo/IniFiles.cleo.dll windows:6 windows x86 arch:x86
cebde476285745a8946f05941d9663bf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
cleo.asi
ord10
ord15
ord12
ord11
ord8
ord1
ord3
ord13
ord5
ord4
ord20
kernel32
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileW
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
DecodePointer
WriteConsoleW
user32
MessageBoxA
Sections
.text Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
cleo/IntOperations.cleo.dll windows:6 windows x86 arch:x86
cde885c3c2ca26d4a18ae494285a2c31
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
cleo.asi
ord11
ord8
ord3
ord5
ord19
user32
MessageBoxA
kernel32
DecodePointer
WriteConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
Sections
.text Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
cleo/Lighthouse & Pyramid Fix (Junior_Djjr).cs
-
cleo/Nocam restore.cs
-
cleo/SensitivityFix.cs
-
cleo/StableVehCam.cs
-
cleo/Sun.cs
-
cleo/anticrasher037.cs
-
cleo/cleo_saves/staminahud.cs
-
cleo/limit.cs
-
cleo/mirasounds/molly.wav
-
cleo/mirasounds/pinpull.wav
-
cleo/mirasounds/pistolin.wav
-
cleo/mirasounds/pistolout.wav
-
cleo/mirasounds/riflein.wav
-
cleo/mirasounds/rifleout.wav
-
cleo/mirasounds/satchel.wav
-
cleo/mirasounds/smgin.wav
-
cleo/mirasounds/smgout.wav
-
cleo/mirasounds/zoom.wav
-
cleo/money.cs
-
cleo/money.ini
-
cleo/mousensxy.cs
-
cleo/noisefix.cs
-
cleo/noradio.cs
-
cleo/outline_highpriority_text.cs
-
cleo/proportionalCoronas.cs
-
cleo/sensfix.ini
-
cleo/sunlight.cs
-
cleo/wase.cs
-
cleo/wase.txt