Cemu[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Cemu.exe
Size

23.0MB
MD5

08fb75e65640fb0ca4da71aa5dbdcfb9
SHA1

7b6cf097ef58f8f3d73dccd093e0e47a8fe334e6
SHA256

26cf93cba23fa7723e120c1ebdd395f87ad3227427a3d1d40d4ede9076e51caa
SHA512

810a108a6e068dea14b0798be2e8ceae077f4eda03b57aab9ad44ef9f214e2ceadfdf34b457806213da59a054dc3a896505e616c360e3f67f639e18f9547e964
SSDEEP

393216:C4RnqktUhVk4nJj8FNTunALz4FKwpZBddoba:CF267G

Score

3^/10

Malware Config

Signatures

Embeds OpenSSL 1 IoCs

Embeds OpenSSL, may be used to circumvent TLS interception.

resource	yara_rule
sample	embeds_openssl

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Cemu.exe

Files

Cemu.exe
.exe windows:6 windows x64 arch:x64

2f3f0a1430a2f42bfb9fde568ea7378f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

wglDeleteContext
wglMakeCurrent
wglShareLists
wglCreateContext
wglGetProcAddress

iphlpapi

GetAdaptersAddresses
ConvertLengthToIpv4Mask

avrt

AvRevertMmThreadCharacteristics
AvSetMmThreadCharacteristicsA

bcrypt

BCryptGenRandom

bthprops.cpl

BluetoothGetRadioInfo
BluetoothFindRadioClose
BluetoothFindFirstRadio
BluetoothFindNextDevice
BluetoothSetServiceState
BluetoothAuthenticateDevice
BluetoothFindDeviceClose
BluetoothFindFirstDevice

imm32

ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCandidateListW
ImmSetCompositionStringW
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetIMEFileNameA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
CM_Get_Parent
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
CM_Get_Device_IDA
CM_Locate_DevNodeA

dinput8

DirectInput8Create

kernel32

GetFileAttributesExW
SetFileAttributesW
DeleteFileW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
GetDriveTypeW
GetTimeZoneInformation
FreeLibraryAndExitThread
SetConsoleCtrlHandler
RtlUnwind
RtlUnwindEx
InitializeSListHead
GetStartupInfoW
UnhandledExceptionFilter
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
GetUserDefaultUILanguage
GetStringTypeW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitOnceComplete
InitOnceBeginInitialize
IsProcessorFeaturePresent
TryAcquireSRWLockShared
SleepConditionVariableSRW
GetLocaleInfoEx
CreateSymbolicLinkW
GetFileInformationByHandleEx
CreateHardLinkW
AreFileApisANSI
SetFileInformationByHandle
GetFullPathNameW
GetFinalPathNameByHandleW
GetFileInformationByHandle
FindFirstFileExW
GetCurrentDirectoryW
TryAcquireSRWLockExclusive
ConvertThreadToFiberEx
ConvertFiberToThread
CreateSemaphoreA
GetSystemDirectoryA
SystemTimeToFileTime
CreateFiberEx
InitializeSRWLock
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
WakeAllConditionVariable
lstrlenW
CompareFileTime
MoveFileExW
GetSystemDirectoryW
InitializeCriticalSectionEx
CreateEventA
ReadConsoleOutputCharacterA
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
WakeConditionVariable
WaitNamedPipeW
GetLogicalDriveStringsW
GetCommandLineA
FreeEnvironmentStringsW
WriteConsoleW
WriteConsoleA
FreeConsole
GetStdHandle
GlobalHandle
GlobalSize
SetThreadLocale
PeekNamedPipe
ExpandEnvironmentStringsW
GetTempFileNameW
GetLongPathNameW
FindNextFileW
FindFirstFileW
FindClose
CopyFileW
GetFileType
GetFileAttributesW
GetCPInfo
IsValidCodePage
FindResourceW
SizeofResource
LockResource
LoadResource
GetNativeSystemInfo
GetDiskFreeSpaceExW
GetEnvironmentVariableW
GetThreadLocale
GetLocaleInfoW
GetACP
GetTempPathW
TlsFree
GetExitCodeThread
MultiByteToWideChar
GetLocaleInfoA
GetSystemPowerStatus
GetFileTime
GetEnvironmentStringsW
GetOEMCP
HeapSize
HeapReAlloc
SetEnvironmentVariableW
EnumSystemLocalesW
GetUserDefaultLCID
EnterCriticalSection
WaitForMultipleObjects
LeaveCriticalSection
WaitForSingleObject
PostQueuedCompletionStatus
FormatMessageW
SetEvent
TerminateThread
CloseHandle
QueueUserAPC
LocalFree
GetModuleHandleExW
CompareStringA
TlsSetValue
TlsGetValue
TlsAlloc
VerifyVersionInfoW
ResetEvent
CancelIo
DeviceIoControl
CreateFileA
VerSetConditionMask
CreateThread
IsDebuggerPresent
SetEnvironmentVariableA
GetEnvironmentVariableA
CreateSemaphoreW
WaitForSingleObjectEx
ReleaseSemaphore
LoadLibraryW
CreateDirectoryW
TerminateProcess
SetThreadExecutionState
MulDiv
EnumResourceNamesW
SetFilePointerEx
GetFileSizeEx
OutputDebugStringW
SwitchToFiber
DeleteFiber
ConvertThreadToFiber
CreateFiber
VirtualFree
VirtualAlloc
GetSystemInfo
GetProcessTimes
GetSystemTimeAsFileTime
QueryPerformanceFrequency
QueryPerformanceCounter
GetLogicalProcessorInformation
QueryFullProcessImageNameW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
RaiseException
InitializeCriticalSectionAndSpinCount
CreateIoCompletionPort
SleepEx
SetWaitableTimer
GetQueuedCompletionStatus
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessW
GetCommandLineW
SetLastError
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
SetErrorMode
AddVectoredExceptionHandler
SetUnhandledExceptionFilter
GetSystemTime
GetModuleFileNameA
GetModuleHandleExA
RtlCaptureStackBackTrace
GetCurrentProcessId
GetCurrentThreadId
SetEndOfFile
GetFileSize
SetFilePointer
CreateFileW
WriteFile
GetOverlappedResult
ReadFile
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThread
GetModuleHandleW
InitializeCriticalSection
TryEnterCriticalSection
K32GetProcessMemoryInfo
Sleep
LoadLibraryA
DeleteCriticalSection
GetLastError
ResumeThread
SetThreadContext
GetThreadContext
SuspendThread
ExitThread
ExitProcess
GetVersionExW
GlobalMemoryStatusEx
GetModuleHandleA
GetTickCount
SetThreadPriority
CreateEventW
FreeLibrary
GetProcAddress
LoadLibraryExW
CreateMutexW
AttachConsole
GetCurrentProcess
SetPriorityClass
SetCurrentDirectoryW
GetModuleFileNameW
FormatMessageA
WideCharToMultiByte
SwitchToThread

user32

InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
CheckMenuRadioItem
SetRect
GetSysColorBrush
DrawStateW
SetMenuItemInfoW
AppendMenuW
GetSubMenu
CheckMenuItem
GetMenuState
DrawFrameControl
DrawEdge
NotifyWinEvent
ModifyMenuW
GetUserObjectInformationW
GetProcessWindowStation
EndPaint
RemoveMenu
SetMenuInfo
InsertMenuItemW
GetMenuItemID
SetMenu
RegisterWindowMessageW
DrawFocusRect
CreateDialogParamW
FindWindowExW
EnableMenuItem
GetSystemMenu
DrawMenuBar
GetDialogBaseUnits
CreateDialogIndirectParamW
IsZoomed
OffsetRect
CopyRect
GetWindowPlacement
GetScrollInfo
SetScrollInfo
IsDialogMessageW
GetWindow
SetParent
InflateRect
GetSysColor
ChildWindowFromPointEx
WindowFromPoint
MapWindowPoints
EnableScrollBar
BeginPaint
GetWindowDC
ValidateRgn
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetClassNameW
MessageBeep
MonitorFromWindow
GetMonitorInfoW
LoadImageA
SendMessageW
GetCursorInfo
ShowCursor
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MapVirtualKeyA
GetKeyNameTextA
MessageBoxA
GetMessageW
TranslateMessage
DispatchMessageW
RegisterDeviceNotificationW
UnregisterDeviceNotification
PostThreadMessageW
CallWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
SetTimer
KillTimer
TrackMouseEvent
PeekMessageW
GetMessageExtraInfo
PostMessageW
DefWindowProcW
GetClassInfoExW
SetWindowPos
IsIconic
GetKeyState
GetAsyncKeyState
MsgWaitForMultipleObjects
GetSystemMetrics
GetMenu
GetForegroundWindow
GetDC
GetUpdateRect
InvalidateRect
ValidateRect
GetPropW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursor
GetCursorPos
GetClipCursor
ScrollWindow
RedrawWindow
GetUpdateRgn
UpdateWindow
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
IsWindowEnabled
EnableWindow
GetCapture
VkKeyScanW
GetActiveWindow
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
ClientToScreen
ScreenToClient
ClipCursor
FillRect
GetWindowLongW
CallNextHookEx
LoadIconW
MoveWindow
AnimateWindow
IsWindow
PostQuitMessage
GetMessageTime
GetMessagePos
UnregisterHotKey
RegisterHotKey
GetIconInfo
LoadBitmapW
DdeFreeStringHandle
DdeQueryStringW
DdeCreateStringHandleW
DdeGetLastError
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeClientTransaction
DdeNameService
DdePostAdvise
DdeDisconnect
DdeConnect
DdeUninitialize
DdeInitializeW
MessageBoxW
ChildWindowFromPoint
SetRectEmpty
GetClassInfoW
IsRectEmpty
LoadImageW
RegisterClipboardFormatW
GetClipboardFormatNameW
GetCaretBlinkTime
DestroyCursor
UnionRect
IsMenu
keybd_event
HideCaret
ShowCaret
DrawIconEx
GetProcessDefaultLayout
GetComboBoxInfo
DestroyIcon
GetRawInputData
RegisterWindowMessageA
GetDoubleClickTime
UnregisterClassA
RegisterClassExA
CreateWindowExA
GetRawInputDeviceInfoA
RegisterRawInputDevices
GetRawInputDeviceList
GetClipboardSequenceNumber
GetClipboardData
IsClipboardFormatAvailable
SetWindowsHookExW
GetKeyboardLayout
GetKeyboardState
ToUnicode
MapVirtualKeyW
ReleaseDC
ChangeDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplayDevicesW
MonitorFromPoint
EnumDisplayMonitors
SetCapture
ReleaseCapture
SetCursorPos
LoadCursorW
CopyImage
CreateIconIndirect
SystemParametersInfoW
AttachThreadInput
RegisterClassW
ShowWindow
SetLayeredWindowAttributes
FlashWindowEx
SetFocus
GetFocus
SetActiveWindow
SetForegroundWindow
SetPropW
RemovePropW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
IntersectRect
PtInRect
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetParent
BringWindowToTop
GetDesktopWindow
SystemParametersInfoA
DrawTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
SetWindowRgn
MonitorFromRect
CreateIconFromResource
GetWindowThreadProcessId
UnhookWindowsHookEx

gdi32

CreateCompatibleDC
DeleteObject
CreateSolidBrush
DeleteDC
CreateDCW
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx
CreateHatchBrush
GetBkColor
MoveToEx
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
CreateDIBitmap
GetDIBColorTable
SetDIBColorTable
EqualRgn
GetRgnBox
PtInRegion
GetCharABCWidthsW
GetTextExtentExPointW
GetSystemPaletteEntries
SetViewportOrgEx
CloseEnhMetaFile
CreateEnhMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
EnumFontFamiliesExW
SetAbortProc
StartDocW
EndDoc
StartPage
EndPage
UnrealizeObject
CreatePen
GetTextExtentPoint32W
Rectangle
SelectObject
SetBkMode
SetTextColor
CreateDIBSection
ExtTextOutW
GetDeviceCaps
GetDIBits
CreateBitmap
GetICMProfileW
GetDeviceGammaRamp
SetDeviceGammaRamp
CombineRgn
CreateRectRgn
CreateFontIndirectW
GetTextExtentPoint32A
GetTextMetricsW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
BitBlt
GetOutlineTextMetricsW
ExcludeClipRect
RealizePalette
SelectPalette
SetBrushOrgEx
GdiFlush
ExtCreateRegion
GetRegionData
OffsetRgn
SetBkColor
CreateBitmapIndirect
GetObjectW
CreatePatternBrush
ExtFloodFill
GetStockObject
StretchBlt
SetStretchBltMode
CreateICW
CreateRectRgnIndirect
RectInRegion
SelectClipRgn
ExtCreatePen
Arc
Ellipse
GetClipBox
GetGraphicsMode
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
MaskBlt
Pie
PolyPolygon
RoundRect
ExtSelectClipRgn
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPixel
SetPolyFillMode
StretchDIBits
SetROP2
GetWorldTransform
SetWorldTransform
ModifyWorldTransform
LineTo
CreateCompatibleBitmap
CreatePolygonRgn

comdlg32

CommDlgExtendedError
ChooseColorW
PrintDlgW
PageSetupDlgW
GetOpenFileNameW
ChooseFontW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
GetPrinterW
ClosePrinter

shlwapi

PathMatchSpecW
AssocQueryStringW
SHAutoComplete

comctl32

ImageList_GetImageCount
ImageList_Destroy
ImageList_Remove
ImageList_GetIconSize
ImageList_Create
ImageList_Copy
ImageList_Add
ImageList_GetImageInfo
ord16
ord17
ImageList_SetBkColor
ImageList_Draw
ImageList_Replace
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_EndDrag
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

oleacc

LresultFromObject
CreateStdAccessibleObject

uxtheme

GetThemeMargins
GetThemeSysColor
GetThemeSysFont
GetThemeBackgroundExtent
SetWindowTheme
GetCurrentThemeName
GetThemeFont
IsThemeActive
IsAppThemed
IsThemePartDefined
OpenThemeData
GetThemeInt
GetThemePartSize
DrawThemeParentBackground
GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundContentRect
DrawThemeBackground
CloseThemeData

winmm

waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInReset
timeGetTime
waveOutGetErrorTextW
waveOutGetDevCapsW
waveOutGetNumDevs
timeEndPeriod
timeBeginPeriod
waveOutClose

ole32

CLSIDFromString
PropVariantClear
OleUninitialize
CoLockObjectExternal
RegisterDragDrop
OleInitialize
CoTaskMemAlloc
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoUninitialize
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance
RevokeDragDrop
CoInitializeEx
ReleaseStgMedium

oleaut32

SystemTimeToVariantTime
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetVartype
VariantInit
SafeArrayLock
SafeArrayUnlock
SysAllocString
SysStringLen
VarBstrFromCy
SysFreeString

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegEnumKeyW
CryptEnumProvidersW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptSignHashW
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
GetUserNameW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegSetValueExW
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CryptAcquireContextA
GetSecurityInfo
CryptDestroyHash
CryptHashData
CryptCreateHash

shell32

ord6
SHGetFileInfoW
ExtractIconExW
ExtractIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
DragQueryPoint
CommandLineToArgvW
ShellExecuteW
DragAcceptFiles
SHGetFolderPathW
DragFinish
DragQueryFileW
SHGetKnownFolderPath

ws2_32

setsockopt
socket
closesocket
send
WSACleanup
WSAStartup
ntohs
WSASocketW
WSARecvFrom
WSASendTo
WSACloseEvent
getaddrinfo
WSAEnumNetworkEvents
getservbyname
htons
inet_ntoa
inet_addr
inet_ntop
bind
getnameinfo
listen
accept
WSAWaitForMultipleEvents
htonl
WSAEventSelect
WSAResetEvent
freeaddrinfo
WSAIoctl
getsockopt
shutdown
ioctlsocket
recv
getservbyport
WSAGetLastError
connect
select
getsockname
getpeername
gethostbyname
gethostbyaddr
__WSAFDIsSet
recvfrom
sendto
inet_pton
WSAAddressToStringW
WSASetLastError
WSASend
WSACreateEvent
ntohl

crypt32

CertOpenSystemStoreW
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertOpenSystemStoreA
CertOpenStore
CertGetCertificateContextProperty
CertFindCertificateInStore
CertDuplicateCertificateContext

dbghelp

SymInitialize
SymFromAddr
MiniDumpWriteDump

dsound

ord3
ord11

hid

HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_SetNumInputBuffers
HidD_SetOutputReport
HidD_GetAttributes

ntdll

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
NtQuerySystemInformation
RtlPcToFileHeader

msimg32

GradientFill
AlphaBlend

Exports

Exports

??0wxCheckTree@@QEAA@PEAVwxWindow@@HAEBVwxPoint@@AEBVwxSize@@J@Z
??0wxCheckTree@@QEAA@XZ
??1wxCheckTree@@UEAA@XZ
??_7wxCheckTree@@6B@
??_7wxCheckTree@@6BwxControl@@@
??_7wxCheckTree@@6BwxSystemThemedControlBase@@@
?Check@wxCheckTree@@QEAAXAEBVwxTreeItemId@@_N@Z
?DisableCheckBox@wxCheckTree@@QEAA_NAEBVwxTreeItemId@@@Z
?EnableCheckBox@wxCheckTree@@QEAA_NAEBVwxTreeItemId@@_N@Z
?GetClassInfo@wxCheckTree@@UEBAPEAVwxClassInfo@@XZ
?Init@wxCheckTree@@QEAAXXZ
?IsCheckable@wxCheckTree@@QEAA_NAEBVwxTreeItemId@@@Z
?MakeCheckable@wxCheckTree@@QEAAXAEBVwxTreeItemId@@_N@Z
?OnCompareItems@wxCheckTree@@UEAAHAEBVwxTreeItemId@@0@Z
?On_Char@wxCheckTree@@AEAAXAEAVwxKeyEvent@@@Z
?On_KeyDown@wxCheckTree@@AEAAXAEAVwxKeyEvent@@@Z
?On_KeyUp@wxCheckTree@@AEAAXAEAVwxKeyEvent@@@Z
?On_Left_DClick@wxCheckTree@@AEAAXAEAVwxMouseEvent@@@Z
?On_Left_Down@wxCheckTree@@AEAAXAEAVwxMouseEvent@@@Z
?On_Left_Up@wxCheckTree@@AEAAXAEAVwxMouseEvent@@@Z
?On_Mouse_Enter_Tree@wxCheckTree@@AEAAXAEAVwxMouseEvent@@@Z
?On_Mouse_Leave_Tree@wxCheckTree@@AEAAXAEAVwxMouseEvent@@@Z
?On_Mouse_Motion@wxCheckTree@@AEAAXAEAVwxMouseEvent@@@Z
?On_Mouse_Wheel@wxCheckTree@@AEAAXAEAVwxMouseEvent@@@Z
?On_Tree_Focus_Lost@wxCheckTree@@AEAAXAEAVwxFocusEvent@@@Z
?On_Tree_Focus_Set@wxCheckTree@@AEAAXAEAVwxFocusEvent@@@Z
?On_Tree_Sel_Changed@wxCheckTree@@AEAAXAEAVwxTreeEvent@@@Z
?SetFocusFromKbd@wxCheckTree@@UEAAXXZ
?SetItemTextColour@wxCheckTree@@UEAAXAEBVwxTreeItemId@@AEBVwxColour@@@Z
?Sort@wxCheckTree@@QEAAXAEBVwxTreeItemId@@_N@Z
?Uncheck@wxCheckTree@@QEAAXAEBVwxTreeItemId@@@Z
?ms_classInfo@wxCheckTree@@2VwxClassInfo@@A
?wxEVT_CHECKTREE_CHOICE@@3V?$wxEventTypeTag@VwxTreeEvent@@@@B
?wxEVT_CHECKTREE_FOCUS@@3V?$wxEventTypeTag@VwxTreeEvent@@@@B
?wxEVT_COMMAND_LIST_ITEM_CHECKED@@3HB
?wxEVT_COMMAND_LIST_ITEM_UNCHECKED@@3HB
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
PPCRecompiler_getJumpTableBase
gameMeta_getTitleId
memory_getBase
osLib_registerHLEFunction

Sections

.text
Size: 16.3MB - Virtual size: 16.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 832KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 670KB - Virtual size: 669KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f3f0a1430a2f42bfb9fde568ea7378f

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

iphlpapi

avrt

bcrypt

bthprops.cpl

imm32

setupapi

dinput8

kernel32

user32

gdi32

comdlg32

winspool.drv

shlwapi

comctl32

oleacc

uxtheme

winmm

ole32

oleaut32

version

advapi32

shell32

ws2_32

crypt32

dbghelp

dsound

hid

ntdll

msimg32

Exports

Exports

Sections

.text Size: 16.3MB - Virtual size: 16.3MB

.rdata Size: 4.7MB - Virtual size: 4.7MB

.data Size: 832KB - Virtual size: 2.8MB

.pdata Size: 670KB - Virtual size: 669KB

.rsrc Size: 308KB - Virtual size: 307KB

.reloc Size: 218KB - Virtual size: 218KB

.text
Size: 16.3MB - Virtual size: 16.3MB

.rdata
Size: 4.7MB - Virtual size: 4.7MB

.data
Size: 832KB - Virtual size: 2.8MB

.pdata
Size: 670KB - Virtual size: 669KB

.rsrc
Size: 308KB - Virtual size: 307KB

.reloc
Size: 218KB - Virtual size: 218KB