citracximaker[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

citracximaker.7z
Size

1.4MB
MD5

d67e4e51780e49e1c1e02c0bcc1f6d40
SHA1

0aa948379f9d2cef4d2ce3e5e7e6be08b6756e31
SHA256

7e4070ca62251c07e24edfbe7610dc28763298f767a11cf17da9472f49e4012c
SHA512

7a57e86ab5ee8457d48d521979c3d053bdeb0053bfb68a7e831176b6f99117278f5030da47c1438aebb83eec282c06fd1fa54b315416883c944a756b05770f60
SSDEEP

24576:xWB6OBRzG3r1tTcNIOqA+WSpLI1NGHJq0af0f2ac+zMyshC1sBbGeUI/mWeFL/:xWB60G3BtTcNzz+WsLuUUQRdzUhIUbGN

Score

1^/10

Malware Config

Signatures

Files

citracximaker.7z
.7z
Citra-CXI-Maker-v1.1-20200616.7z
.7z
citra-cxi-maker.bat
.bat .vbs
readme.txt
tools/3dstool.exe
.exe windows x86

77924ed96609e34c9d67862bf1f92ecb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohl
htonl
gethostname
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
socket
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup

crypt32

CertFreeCertificateContext

kernel32

GetACP
CreateFileW
GetCurrentDirectoryW
GetFullPathNameW
SetStdHandle
GetConsoleCP
FlushFileBuffers
GetConsoleMode
IsDebuggerPresent
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
ReadConsoleW
IsValidCodePage
FindFirstFileW
FindNextFileW
LocalFree
GetModuleFileNameW
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetCurrentThreadId
GetProcAddress
GetOEMCP
GetVersion
WriteFile
GetFileType
GetStdHandle
FreeLibrary
Sleep
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetTickCount
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
LoadLibraryA
CloseHandle
WaitForSingleObject
FormatMessageA
ReadFile
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
CompareStringW
GetTimeFormatW
GetDateFormatW
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
WriteConsoleW
OutputDebugStringW
SetEnvironmentVariableA
GetModuleHandleA
GetStringTypeW
EncodePointer
DecodePointer
RaiseException
RtlUnwind
HeapFree
HeapReAlloc
SetEndOfFile
HeapAlloc
GetProcessHeap
GetCPInfo
CreateDirectoryW
SetFilePointerEx
FindClose
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetCommandLineA
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetSystemTimeAsFileTime
CreateThread
ExitThread
LoadLibraryExW
FileTimeToLocalFileTime
GetFileInformationByHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW

user32

MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW

shell32

CommandLineToArgvW

advapi32

CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegisterEventSourceA
ReportEventA
DeregisterEventSource

Sections

.text
Size: 832KB - Virtual size: 831KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/ctrtool.exe
.exe windows x64

28f30e041cc3e072894f1c617b684527

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleFileNameW
GetProcessAffinityMask
GetStartupInfoA
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__C_specific_handler
__argv
__doserrno
__getmainargs
__initenv
__iob_func
__lconv_init
__pioinfo
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_exit
_filelengthi64
_fileno
_fmode
_initterm
_lseeki64
_mkdir
_onexit
_setjmp
_snwprintf
_stat64
_strdup
_ultoa
_vsnprintf
_wfopen
_wmkdir
_write
_write
_wstat64
abort
atof
atoi
calloc
exit
fclose
ferror
fflush
fgetpos
fgets
fopen
fprintf
fputc
fputs
fputws
fread
free
fseek
fsetpos
ftell
fwprintf
fwrite
getenv
isalnum
isalpha
isspace
longjmp
malloc
memcmp
memcpy
memmove
memset
printf
putchar
puts
raise
realloc
signal
sprintf
sscanf
strchr
strcmp
strcpy
strlen
strncmp
strncpy
strtoul
tolower
vfprintf
vsprintf
wcscpy
wcslen

user32

MessageBoxW

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 465B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/xxd.exe
.exe windows x86

e7cb7d6ab1902c87461f234dec982583

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetACP
CreateFileW
GetFileType
CloseHandle
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
SetStdHandle
GetStringTypeW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
SetEndOfFile
WriteConsoleW
HeapSize
HeapReAlloc
DecodePointer
RaiseException

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Citra-CXI-Maker-v1.2-20200623.zip
.zip
Citra-CXI-Maker-v1.3-20210215.zip
.zip
GameBrew.url
.url

Sharing

General

Malware Config

Signatures

Files

77924ed96609e34c9d67862bf1f92ecb

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

crypt32

kernel32

user32

shell32

advapi32

Sections

.text Size: 832KB - Virtual size: 831KB

.rdata Size: 596KB - Virtual size: 595KB

.data Size: 53KB - Virtual size: 4.1MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 46KB - Virtual size: 45KB

28f30e041cc3e072894f1c617b684527

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 212KB - Virtual size: 211KB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 38KB - Virtual size: 37KB

.pdata Size: 12KB - Virtual size: 12KB

.xdata Size: 12KB - Virtual size: 11KB

.bss Size: - Virtual size: 11KB

.idata Size: 5KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 112B

.tls Size: 512B - Virtual size: 16B

/4 Size: 512B - Virtual size: 176B

/19 Size: 47KB - Virtual size: 46KB

/31 Size: 2KB - Virtual size: 2KB

/45 Size: 4KB - Virtual size: 3KB

/57 Size: 1KB - Virtual size: 1KB

/70 Size: 512B - Virtual size: 465B

/81 Size: 5KB - Virtual size: 4KB

/92 Size: 512B - Virtual size: 496B

e7cb7d6ab1902c87461f234dec982583

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 87KB - Virtual size: 86KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 11KB

.gfids Size: 512B - Virtual size: 172B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 832KB - Virtual size: 831KB

.rdata
Size: 596KB - Virtual size: 595KB

.data
Size: 53KB - Virtual size: 4.1MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 46KB - Virtual size: 45KB

.text
Size: 212KB - Virtual size: 211KB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 38KB - Virtual size: 37KB

.pdata
Size: 12KB - Virtual size: 12KB

.xdata
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 11KB

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 112B

.tls
Size: 512B - Virtual size: 16B

/4
Size: 512B - Virtual size: 176B

/19
Size: 47KB - Virtual size: 46KB

/31
Size: 2KB - Virtual size: 2KB

/45
Size: 4KB - Virtual size: 3KB

/57
Size: 1KB - Virtual size: 1KB

/70
Size: 512B - Virtual size: 465B

/81
Size: 5KB - Virtual size: 4KB

/92
Size: 512B - Virtual size: 496B

.text
Size: 87KB - Virtual size: 86KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 11KB

.gfids
Size: 512B - Virtual size: 172B

.reloc
Size: 5KB - Virtual size: 4KB