Static task
static1
General
-
Target
citra-setup-windows.exe
-
Size
18.8MB
-
MD5
4d33a58821bd46846c48b68eb04578cc
-
SHA1
1f2a3b4014a309c87f0cfb03489d4360aba7720d
-
SHA256
259802212619473b387d6dc98ecb33840c88f33bac85a1a7af65ecd2565e5e1a
-
SHA512
674c375d85be7e01b887044afcc7fd7d7da61002e8c6489ebc45be425cc07e3de5415b475f1ac4d323b301a4b1f2688d8547dd679fb6945a4196fe5364241a8d
-
SSDEEP
196608:V3FdHrAsSNesXTx7Hggn5QZ9HsJsv6tWKFdu9CV/7Uk6:V3FFJsXTx7Hb5QjHsJsv6tWKFdu9ClY
Malware Config
Signatures
Files
-
citra-setup-windows.exe.exe windows x86
c022d1340f73688a398b02b986745e16
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
oleaut32
VariantChangeType
VariantInit
SystemTimeToVariantTime
SysStringLen
SysFreeString
VariantCopy
VariantClear
SysAllocStringLen
SysAllocString
user32
GetFocus
RegisterClassExW
PostMessageW
DrawMenuBar
GetSystemMenu
RemoveMenu
GetClientRect
GetWindowThreadProcessId
SendMessageTimeoutW
CharUpperW
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
GetDesktopWindow
SystemParametersInfoW
UpdateLayeredWindowIndirect
SendMessageW
AttachThreadInput
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
GetMonitorInfoW
EnumDisplayMonitors
GetSysColor
LoadIconW
IsHungAppWindow
GetCursorPos
EnumWindows
MonitorFromWindow
UnregisterDeviceNotification
RegisterDeviceNotificationW
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DispatchMessageW
GetClassInfoW
GetWindowTextW
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
RegisterClassW
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
DefWindowProcW
CreateWindowExW
IsChild
DestroyWindow
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
GetCapture
SetCapture
ReleaseCapture
GetSystemMetrics
EnableMenuItem
GetForegroundWindow
TranslateMessage
SetForegroundWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
SetWindowTextW
GetWindowRect
AdjustWindowRectEx
SetCursor
ClientToScreen
ScreenToClient
GetWindowLongW
SetWindowLongW
GetParent
SetParent
DestroyCursor
DestroyIcon
UnregisterClassW
GetKeyboardLayoutList
RealGetWindowClassW
DrawIconEx
MessageBoxW
WindowFromDC
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
PostThreadMessageW
GetAncestor
uxtheme
OpenThemeData
DrawThemeBackground
GetThemeColor
GetThemeSysFont
IsThemeActive
SetWindowThemeAttribute
DrawThemeTextEx
CloseThemeData
ord47
GetThemeBackgroundRegion
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeBool
GetThemeInt
GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
SetWindowTheme
IsAppThemed
GetCurrentThemeName
GetThemeTransitionDuration
ole32
CoInitializeEx
OleSetClipboard
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
ReleaseStgMedium
CoGetMalloc
CoTaskMemAlloc
CoCreateGuid
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
OleGetClipboard
StringFromGUID2
dwmapi
DwmExtendFrameIntoClientArea
DwmDefWindowProc
DwmIsCompositionEnabled
DwmEnableBlurBehindWindow
shell32
SHGetMalloc
SHCreateItemFromParsingName
SHCreateItemFromIDList
ShellExecuteW
ord727
SHGetStockIconInfo
SHGetFileInfoW
SHChangeNotify
SHGetFolderLocation
ShellExecuteExW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
ord155
SHParseDisplayName
SHGetKnownFolderPath
CommandLineToArgvW
iphlpapi
GetAdaptersInfo
GetAdaptersAddresses
advapi32
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
GetFileSecurityW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegNotifyChangeKeyValue
AddAccessAllowedAce
DeregisterEventSource
RegisterEventSourceA
ReportEventA
CryptAcquireContextA
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashA
CryptEnumProvidersA
CopySid
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
crypt32
CertCreateCertificateContext
CertFreeCertificateContext
CertGetCertificateChain
CertFreeCertificateChain
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
gdi32
BitBlt
CombineRgn
CreateRectRgn
DeleteObject
OffsetRgn
SelectClipRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
DeleteDC
SelectObject
ChoosePixelFormat
SetPixelFormat
GetBitmapBits
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
CreateDIBSection
GdiFlush
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
GetRegionData
CreateBitmap
GetDIBits
mpr
WNetGetUniversalNameA
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
winmm
timeSetEvent
timeKillEvent
PlaySoundW
kernel32
PeekNamedPipe
ReadFileEx
LCMapStringW
GetUserPreferredUILanguages
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
GetTickCount64
GetProcessId
GetExitCodeProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
WaitForSingleObjectEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
SwitchToThread
DuplicateHandle
GetFullPathNameW
GetStartupInfoW
GetUserDefaultLCID
CompareStringW
OutputDebugStringW
GetNativeSystemInfo
FlushConsoleInputBuffer
SetHandleInformation
GetOverlappedResult
CreateNamedPipeW
ConnectNamedPipe
GlobalFree
WaitNamedPipeW
DisconnectNamedPipe
CreateFileMappingW
CancelIoEx
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemTime
ExitProcess
QueryPerformanceFrequency
QueryPerformanceCounter
VerifyVersionInfoW
VerSetConditionMask
GetTempFileNameA
GetTempPathA
Sleep
lstrcmpW
GetVolumeInformationW
GetUserDefaultLangID
GlobalSize
LoadLibraryA
GetLocaleInfoW
GlobalUnlock
GlobalLock
GlobalAlloc
CheckRemoteDebuggerPresent
ExpandEnvironmentStringsW
WaitForMultipleObjects
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemInfo
VirtualFree
VirtualAlloc
CreateSemaphoreW
CreateEventW
ReleaseSemaphore
ResetEvent
SetEvent
InitializeCriticalSection
GetVersionExW
FileTimeToDosDateTime
GetSystemTimeAsFileTime
LoadLibraryW
LoadLibraryExW
SleepEx
WriteFileEx
VirtualProtect
GetFileAttributesW
GetLogicalDrives
CopyFileW
GetFileInformationByHandleEx
SetFilePointerEx
MoveFileExW
FindFirstFileExW
GetModuleHandleExW
FindNextChangeNotification
GetGeoInfoW
GetUserGeoID
ReleaseMutex
CreateMutexW
EncodePointer
DecodePointer
GetStringTypeW
HeapFree
RaiseException
RtlUnwind
GetCommandLineA
HeapAlloc
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
HeapReAlloc
AreFileApisANSI
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
ReadConsoleW
GetConsoleCP
SetStdHandle
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateTimerQueue
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
IsValidLocale
EnumSystemLocalesW
HeapSize
GetProcessHeap
GetModuleFileNameA
IsValidCodePage
GetACP
GetOEMCP
SystemTimeToTzSpecificLocalTime
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleW
GetThreadTimes
FreeLibraryAndExitThread
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateProcessA
GetLocalTime
GetModuleFileNameW
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleA
GetLogicalDriveStringsW
FindNextFileW
GetStdHandle
GetFileType
GetLargestConsoleWindowSize
SetConsoleScreenBufferSize
FreeConsole
AttachConsole
AllocConsole
SetConsoleMode
GetConsoleWindow
GetCommandLineW
CloseHandle
CreateProcessW
LocalFree
FormatMessageW
GetFileAttributesExW
GetLongPathNameW
GetShortPathNameW
GetEnvironmentVariableW
GetCurrentProcess
IsWow64Process
OpenProcess
GetLogicalDriveStringsA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDiskFreeSpaceExA
GetDriveTypeA
GetDriveTypeW
GetVolumePathNamesForVolumeNameW
SetErrorMode
WaitForSingleObject
TerminateProcess
GetLastError
FileTimeToSystemTime
CreateFileW
DeviceIoControl
FlushFileBuffers
LockFile
UnlockFile
WriteFile
CompareFileTime
GetProcAddress
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
SetFileTime
OpenEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
GetTempPathW
SetLastError
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetSystemDirectoryW
GetModuleHandleW
MoveFileW
GetFileInformationByHandle
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
ws2_32
WSAGetLastError
htonl
inet_addr
ntohl
gethostbyaddr
gethostbyname
WSANtohs
WSAAsyncSelect
WSACleanup
WSAStartup
gethostname
WSASetLastError
shutdown
send
recv
WSASocketW
WSASendTo
WSASend
WSARecvFrom
WSARecv
WSANtohl
WSAIoctl
WSAHtonl
WSAConnect
WSAAccept
setsockopt
select
listen
htons
getsockname
getpeername
closesocket
bind
__WSAFDIsSet
getsockopt
d3d9
D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_SetMarker
D3DPERF_GetStatus
Direct3DCreate9
Sections
.text Size: 13.0MB - Virtual size: 13.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5.1MB - Virtual size: 5.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 166KB - Virtual size: 329KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qtmetad Size: 512B - Virtual size: 272B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 292B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 484KB - Virtual size: 483KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ