Threat Database Trojans Trojan.MSIL.Clicker.CCC

Trojan.MSIL.Clicker.CCC

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.MSIL.Clicker.CCC
Signature status: No Signature

Known Samples

MD5: 16896b10753ea1e316a48d7361ee6393
SHA1: d70d8adbcc6c29c6cfa121a89835f558ece9ed47
SHA256: 5FB02A5818B0774414B3F3C6C17C619AAD6518D97ED391209BDF3E62B11A6DD9
File Size: 18.43 KB, 18432 bytes
MD5: eb00dac7aacbcc2d1b817442bbd91b10
SHA1: b56d906e7e647760c955af061f595c164d621179
SHA256: C9EB359EC7E0E8F6322942A88EC8D58CC7F7777B7F5A872B2DB888AD1FA90A46
File Size: 18.94 KB, 18944 bytes
MD5: d03b7bd2ef87ce7ae403d1f66f435a03
SHA1: a7ddf4043db066f4cbdcc92ed99aba74d5a43fb0
SHA256: 79E763BF24F36F83F696B8A69635DE50C263C6EEC95E9CD22C1FCEE70AFC46BD
File Size: 18.94 KB, 18944 bytes
MD5: 3ee279379c1e41085e75909755a1a925
SHA1: e27e86257ccc8aee6f2b02a309622eddc0d46d63
SHA256: C7036066159B0AF317CE776AF0BEA15587BA38A0615014125E5D6EC364DBB56D
File Size: 18.94 KB, 18944 bytes
MD5: ee67c2e28cdfb6f62e6775de176077ff
SHA1: 3cb63f0a0ce5861718160170149a92621ac9f352
SHA256: 208C99EB93E23E31B4B9CB96A4F90F2A9FA33582CE7A7F054CAFB506C39F80AD
File Size: 18.43 KB, 18432 bytes
Show More
MD5: 69aeee124513ac567052614e4fdb62d0
SHA1: 4fecf85e560c7c31cb0753ca97d717a5e69b6907
SHA256: D6D66BF29F694D0600E405DB8B447427E566C1300B010F95D6A54A1A4A87C965
File Size: 17.92 KB, 17920 bytes
MD5: e2247705076409bd8d42f74d8f0a3dbd
SHA1: 61e1c1987d05884316b70baa6a67aad7ab7cb4bc
SHA256: 81DE809784EDBE9CDD55B584D524E06E92FE07EAA8B184C2968836080FA22A71
File Size: 18.43 KB, 18432 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File is .NET application
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Assembly Version 1.0.0.0
Comments
  • Dynamic suite that supports your speed. Smart AI that improves your connectivity. Flexible module that monitors your productivity. Dynamic suite that supports your speed. Smart AI that improves your connectivity. Flexible module that monitors your productivity. udod_4544 Dynamic suite that supports your speed. Smart AI that improves your connectivity. Flexible module that monitors your productivity.
  • Intelligent utility that optimizes your automation. Efficient suite that integrates your system. Smart technology that improves your analytics. Intelligent utility that optimizes your automation. Efficient suite that integrates your system. Smart technology that improves your analytics. duk_8273 Intelligent utility that optimizes your automation. Efficient suite that integrates your system. Smart technology that improves your analytics.
  • Lightweight assistant that integrates your system. Scalable solution that supports your system. Efficient AI that monitors your files. Lightweight assistant that integrates your system. Scalable solution that supports your system. Efficient AI that monitors your files. hijum_893 Lightweight assistant that integrates your system. Scalable solution that supports your system. Efficient AI that monitors your files.
  • Powerful solution that streamlines your workflow. Efficient assistant that integrates your tasks. Flexible tool that simplifies your processes. Powerful solution that streamlines your workflow. Efficient assistant that integrates your tasks. Flexible tool that simplifies your processes. jamip_2348 Powerful solution that streamlines your workflow. Efficient assistant that integrates your tasks. Flexible tool that simplifies your processes.
  • Reliable framework that simplifies your analytics. Powerful assistant that optimizes your connectivity. Seamless assistant that manages your connectivity. Reliable framework that simplifies your analytics. Powerful assistant that optimizes your connectivity. Seamless assistant that manages your connectivity. ivon_9053 Reliable framework that simplifies your analytics. Powerful assistant that optimizes your connectivity. Seamless assistant that manages your connectivity.
  • Robust framework that accelerates your storage. Versatile technology that automates your speed. Versatile service that customizes your files. Robust framework that accelerates your storage. Versatile technology that automates your speed. Versatile service that customizes your files. goq_4288 Robust framework that accelerates your storage. Versatile technology that automates your speed. Versatile service that customizes your files.
  • Secure platform that automates your system. Reliable module that enhances your tasks. Powerful module that boosts your operations. Secure platform that automates your system. Reliable module that enhances your tasks. Powerful module that boosts your operations. seh_8706 Secure platform that automates your system. Reliable module that enhances your tasks. Powerful module that boosts your operations.
Company Name
  • duk_8273
  • goq_4288
  • hijum_893
  • ivon_9053
  • jamip_2348
  • seh_8706
  • udod_4544
File Description
  • bena_8646
  • ewaso_8683
  • iruca_5973
  • jipo_4591
  • koj_1975
  • ribod_8270
  • xewa_4888
File Version 1.0.0.0
Internal Name
  • duk_8273.exe
  • goq_4288.exe
  • hijum_893.exe
  • ivon_9053.exe
  • jamip_2348.exe
  • seh_8706.exe
  • udod_4544.exe
Legal Copyright Copyright © 2025
Original Filename
  • duk_8273.exe
  • goq_4288.exe
  • hijum_893.exe
  • ivon_9053.exe
  • jamip_2348.exe
  • seh_8706.exe
  • udod_4544.exe
Product Name
  • bena_8646
  • ewaso_8683
  • iruca_5973
  • jipo_4591
  • koj_1975
  • ribod_8270
  • xewa_4888
Product Version 1.0.0.0

File Traits

  • .NET
  • x86

Block Information

Total Blocks: 41
Potentially Malicious Blocks: 16
Whitelisted Blocks: 20
Unknown Blocks: 5

Visual Map

x x x ? x 0 0 x x x x 0 0 x ? 0 ? 0 0 0 ? 0 0 0 0 x x 0 0 x 0 0 x x x 0 0 x 0 ? 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreatePrivateNamespace
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateSemaphore
Show More
  • ntdll.dll!NtCreateThreadEx
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenDirectoryObject
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcess
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDefaultLocale
  • ntdll.dll!NtQueryDirectoryFileEx
  • ntdll.dll!NtQueryFullAttributesFile
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationJobObject
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryLicenseValue
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReadFile
  • ntdll.dll!NtReadRequestData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtResumeThread
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationFile
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWorkerFactoryWorkerReady
  • ntdll.dll!NtWriteFile
  • UNKNOWN
User Data Access
  • GetComputerNameEx
  • GetUserDefaultLocaleName
  • GetUserObjectInformation

Trending

Most Viewed

Loading...