Trojan.TelegramHack.A

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 9,179
Threat Level: 80 % (High)
Infected Computers: 19
First Seen: January 27, 2022
Last Seen: November 6, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.TelegramHack.A
Signature status: No Signature

Known Samples

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File has TLS information
  • File is 64-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

File Description: Unreal engine dumper with live inspect
File Version: 2.0.0.0
Internal Name: UEDumper.exe
Legal Copyright: Copyright (C) 2023 Spuckwaffel
Original Filename: UEDumper.exe
Product Name: UEDumper
Product Version: 2.0.0.0

File Traits

  • fptable
  • GetConsoleWindow
  • HighEntropy
  • imgui
  • No Version Info
  • ntdll
  • VirtualQueryEx
  • WriteProcessMemory
  • x64

Block Information

Total Blocks: 2,316
Potentially Malicious Blocks: 196
Whitelisted Blocks: 1,949
Unknown Blocks: 171

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAllocateLocallyUniqueId
  • ntdll.dll!NtAllocateReserveObject
  • ntdll.dll!NtAlpcConnectPort
  • ntdll.dll!NtAlpcConnectPortEx
  • ntdll.dll!NtAlpcCreatePort
  • ntdll.dll!NtAlpcCreateSecurityContext
  • ntdll.dll!NtAlpcDeleteSecurityContext
  • ntdll.dll!NtAlpcQueryInformation
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtAssociateWaitCompletionPacket
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateIoCompletion
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtCreateTimer
  • ntdll.dll!NtCreateTimer2
  • ntdll.dll!NtCreateWaitCompletionPacket
  • ntdll.dll!NtCreateWorkerFactory
  • ntdll.dll!NtDeviceIoControlFile
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenMutant
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDefaultLocale
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryLicenseValue
  • ntdll.dll!NtQueryObject
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRemoveIoCompletionEx
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSetIoCompletionEx
  • ntdll.dll!NtSetTimer2
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForMultipleObjects
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWorkerFactoryWorkerReady
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtWriteVirtualMemory
  • ntdll.dll!NtYieldExecution
  • win32u.dll!NtGdiBitBlt
  • win32u.dll!NtGdiCreateBitmap
  • win32u.dll!NtGdiCreateCompatibleBitmap
  • win32u.dll!NtGdiCreateCompatibleDC
  • win32u.dll!NtGdiCreateDIBitmapInternal
  • win32u.dll!NtGdiCreateSolidBrush
  • win32u.dll!NtGdiDdDDICacheHybridQueryValue
  • win32u.dll!NtGdiDdDDICreateAllocation
  • win32u.dll!NtGdiDdDDICreateContextVirtual
  • win32u.dll!NtGdiDdDDICreateDevice
  • win32u.dll!NtGdiDdDDICreatePagingQueue
  • win32u.dll!NtGdiDdDDICreateSynchronizationObject
  • win32u.dll!NtGdiDdDDIDestroyAllocation2
  • win32u.dll!NtGdiDdDDIEnumAdapters2
  • win32u.dll!NtGdiDdDDIEscape
  • win32u.dll!NtGdiDdDDIGetCachedHybridQueryValue

77 additional items are not displayed above.

Anti Debug
  • IsDebuggerPresent
