Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.MSIL.Clicker.CCH

Trojan.MSIL.Clicker.CCH

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.MSIL.Clicker.CCH
Signature status: No Signature

Known Samples

MD5: 8387db236c047ac751c80dad7887975f
SHA1: cf24d2b8fee5773ab5143e629b4e4128984928e8
SHA256: 16F59F4C6CC5CFEBFB3B3138300F4A6E14595898A17899BC2C2D5269EB1075AB
File Size: 18.94 KB, 18944 bytes
MD5: 7cc459b6ba0cd6c11dc2ecdce5d99eda
SHA1: 69b527b5b95bc594e07005e8a86cad9711a629dc
SHA256: 4D6B6E5E2C3B2B447DAA4F93ABC02822413BB71B7C6FFAA13E849E7C77D7954D
File Size: 19.46 KB, 19456 bytes
MD5: e96c6af38374ce89327e31916b535b74
SHA1: 70763309aff137c43d9633cf3f24ec663c82107c
SHA256: 094E7377FB92052B2DCD16F806AD9B725140F9E85EE7A919A50076BB997BB1A8
File Size: 8.00 MB, 7998976 bytes
MD5: e6a0c6b12f8d288e17e27d95d939e2f7
SHA1: 955fcddd38666d576ea2890560270f48ab605902
SHA256: D881D5F42D92AAFC1B241B3C4D1A6E7BAA087DD6D6DD7152363391F02867ADB9
File Size: 9.40 MB, 9400320 bytes
MD5: f6282ab5a80f2fdb47aa6870d1265f66
SHA1: 6c2afb4ced91286613c5d84c454272118fe75468
SHA256: 6589BA3DD165E83BAEEE122BD1C6D4FA52F04406003D5C36D5180E15F888EEC5
File Size: 9.25 MB, 9251328 bytes
Show More
MD5: e6911384a5df60eb482d6ab4e3f6150b
SHA1: 45c0506185d6fceffc5ceef9719742b2198274ee
SHA256: 1D3AE2A4A3BD9E36C7B3CB556E5CF66A94DBE4C369DC4BC38302A0EBE2924FFE
File Size: 9.18 MB, 9179648 bytes
MD5: 078351c0255708ae40fccf2decdcb5c7
SHA1: 5259c615da2c80e5d4815c5467eac28552191d6f
SHA256: 611356CFF79988F4A0D30424AD4B652B5BE73EBD1CCB95C5AA87562723046C2A
File Size: 7.42 MB, 7415808 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File is .NET application
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Assembly Version 1.0.0.0
Comments
  • Advanced service that simplifies your data. User-friendly system that integrates your files. Intelligent utility that monitors your processes. Advanced service that simplifies your data. User-friendly system that integrates your files. Intelligent utility that monitors your processes. ziga_3769 Advanced service that simplifies your data. User-friendly system that integrates your files. Intelligent utility that monitors your processes.
  • Advanced software that optimizes your scalability. Seamless tool that supports your processes. Reliable technology that boosts your system. Advanced software that optimizes your scalability. Seamless tool that supports your processes. Reliable technology that boosts your system. uveki_4437 Advanced software that optimizes your scalability. Seamless tool that supports your processes. Reliable technology that boosts your system.
  • Efficient assistant that optimizes your performance. Seamless framework that supports your automation. Cutting-edge solution that automates your integration. Efficient assistant that optimizes your performance. Seamless framework that supports your automation. Cutting-edge solution that automates your integration. zequ_4516 Efficient assistant that optimizes your performance. Seamless framework that supports your automation. Cutting-edge solution that automates your integration.
  • Efficient platform that boosts your speed. Intelligent solution that streamlines your workflow. Efficient assistant that integrates your tasks. Efficient platform that boosts your speed. Intelligent solution that streamlines your workflow. Efficient assistant that integrates your tasks. ace_2519 Efficient platform that boosts your speed. Intelligent solution that streamlines your workflow. Efficient assistant that integrates your tasks.
  • Innovative extension that manages your security. Intelligent suite that monitors your analytics. Cutting-edge utility that automates your security. Innovative extension that manages your security. Intelligent suite that monitors your analytics. Cutting-edge utility that automates your security. oxemo_9469 Innovative extension that manages your security. Intelligent suite that monitors your analytics. Cutting-edge utility that automates your security.
  • Innovative suite that integrates your integration. Versatile framework that protects your automation. Advanced solution that protects your scalability. Innovative suite that integrates your integration. Versatile framework that protects your automation. Advanced solution that protects your scalability. kise_5389 Innovative suite that integrates your integration. Versatile framework that protects your automation. Advanced solution that protects your scalability.
  • Lightweight assistant that controls your security. Secure module that supports your analytics. Reliable assistant that streamlines your analytics. Lightweight assistant that controls your security. Secure module that supports your analytics. Reliable assistant that streamlines your analytics. fit_4532 Lightweight assistant that controls your security. Secure module that supports your analytics. Reliable assistant that streamlines your analytics.
Company Name
  • Advanced service that simplifies your data. User-friendly system that integrates your files. Intelligent utility that monitors your processes.
  • Advanced software that optimizes your scalability. Seamless tool that supports your processes. Reliable technology that boosts your system.
  • Efficient assistant that optimizes your performance. Seamless framework that supports your automation. Cutting-edge solution that automates your integration.
  • Efficient platform that boosts your speed. Intelligent solution that streamlines your workflow. Efficient assistant that integrates your tasks.
  • fit_4532
  • Innovative suite that integrates your integration. Versatile framework that protects your automation. Advanced solution that protects your scalability.
  • oxemo_9469
File Description
  • ejayo_9608
  • fik_4775
  • idodu_9933
  • ijuze_1506
  • iso_316
  • oki_5825
  • rar_4771
File Version 1.0.0.0
Internal Name
  • ace_2519.exe
  • fit_4532.exe
  • kise_5389.exe
  • oxemo_9469.exe
  • uveki_4437.exe
  • zequ_4516.exe
  • ziga_3769.exe
Legal Copyright Copyright © 2025
Original Filename
  • ace_2519.exe
  • fit_4532.exe
  • kise_5389.exe
  • oxemo_9469.exe
  • uveki_4437.exe
  • zequ_4516.exe
  • ziga_3769.exe
Product Name
  • ejayo_9608
  • fik_4775
  • idodu_9933
  • ijuze_1506
  • iso_316
  • oki_5825
  • rar_4771
Product Version 1.0.0.0

File Traits

  • .NET
  • HighEntropy
  • x86

Block Information

Total Blocks: 95
Potentially Malicious Blocks: 29
Whitelisted Blocks: 37
Unknown Blocks: 29

Visual Map

? ? x ? ? ? 0 0 ? x ? x x 0 0 ? ? x ? ? ? 0 0 0 ? ? x 0 0 x ? x 0 0 ? x 0 x x x x x x x ? 0 x 0 0 0 ? 0 0 0 0 0 0 x 0 0 x 0 0 x 0 0 0 x x ? ? x ? ? ? 0 0 0 ? ? x 0 0 x ? ? x 0 0 x x x ? 0 ?
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreatePrivateNamespace
  • ntdll.dll!NtCreateSection
Show More
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtCreateThreadEx
  • ntdll.dll!NtDeviceIoControlFile
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenDirectoryObject
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcess
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDefaultLocale
  • ntdll.dll!NtQueryDirectoryFileEx
  • ntdll.dll!NtQueryFullAttributesFile
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationJobObject
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryLicenseValue
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtReadFile
  • ntdll.dll!NtReadRequestData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtResumeThread
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationFile
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWorkerFactoryWorkerReady
  • ntdll.dll!NtWriteFile
  • UNKNOWN
User Data Access
  • GetComputerNameEx
  • GetUserDefaultLocaleName
  • GetUserObjectInformation
Encryption Used
  • BCryptOpenAlgorithmProvider

Trending

Most Viewed

Loading...