Overview
overview
3Static
static
Pacify/Eng...64.dll
windows7-x64
1Pacify/Eng...64.dll
windows10-2004-x64
1Pacify/Eng...in.dll
windows7-x64
1Pacify/Eng...in.dll
windows10-2004-x64
1Pacify/Eng...64.dll
windows7-x64
3Pacify/Eng...64.dll
windows10-2004-x64
3Pacify/Eng...64.dll
windows7-x64
1Pacify/Eng...64.dll
windows10-2004-x64
1Pacify/Eng...64.dll
windows7-x64
1Pacify/Eng...64.dll
windows10-2004-x64
1Pacify/Eng...64.dll
windows7-x64
1Pacify/Eng...64.dll
windows10-2004-x64
1Pacify/Eng...64.dll
windows7-x64
1Pacify/Eng...64.dll
windows10-2004-x64
1Pacify/Eng...64.dll
windows7-x64
3Pacify/Eng...64.dll
windows10-2004-x64
3Pacify/Eng...64.dll
windows7-x64
3Pacify/Eng...64.dll
windows10-2004-x64
3Pacify/Eng...64.dll
windows7-x64
3Pacify/Eng...64.dll
windows10-2004-x64
3Pacify/Eng...64.dll
windows7-x64
3Pacify/Eng...64.dll
windows10-2004-x64
3Pacify/Eng...64.dll
windows7-x64
1Pacify/Eng...64.dll
windows10-2004-x64
1Pacify/Eng...64.dll
windows7-x64
1Pacify/Eng...64.dll
windows10-2004-x64
1Pacify/Eng...64.dll
windows7-x64
3Pacify/Eng...64.dll
windows10-2004-x64
3Pacify/Eng...64.dll
windows7-x64
3Pacify/Eng...64.dll
windows10-2004-x64
3Pacify/Eng...64.dll
windows7-x64
1Pacify/Eng...64.dll
windows10-2004-x64
3Analysis
-
max time kernel
6s -
max time network
37s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system -
submitted
27/12/2022, 17:02
Static task
static1
Behavioral task
behavioral1
Sample
Pacify/Engine/Binaries/ThirdParty/NVIDIA/NVaftermath/Win64/GFSDK_Aftermath_Lib.x64.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
Pacify/Engine/Binaries/ThirdParty/NVIDIA/NVaftermath/Win64/GFSDK_Aftermath_Lib.x64.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Pacify/Engine/Binaries/ThirdParty/Oculus/OVRPlugin/OVRPlugin/Win64/OVRPlugin.dll
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral4
Sample
Pacify/Engine/Binaries/ThirdParty/Oculus/OVRPlugin/OVRPlugin/Win64/OVRPlugin.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Pacify/Engine/Binaries/ThirdParty/Ogg/Win64/VS2015/libogg_64.dll
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral6
Sample
Pacify/Engine/Binaries/ThirdParty/Ogg/Win64/VS2015/libogg_64.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/APEX_ClothingPROFILE_x64.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral8
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/APEX_ClothingPROFILE_x64.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/APEX_Clothing_x64.dll
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral10
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/APEX_Clothing_x64.dll
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/APEX_LegacyPROFILE_x64.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral12
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/APEX_LegacyPROFILE_x64.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/APEX_Legacy_x64.dll
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral14
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/APEX_Legacy_x64.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/ApexFrameworkPROFILE_x64.dll
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral16
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/ApexFrameworkPROFILE_x64.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/ApexFramework_x64.dll
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral18
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/ApexFramework_x64.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/NvClothPROFILE_x64.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral20
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/NvClothPROFILE_x64.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/NvCloth_x64.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral22
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/NvCloth_x64.dll
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3CommonPROFILE_x64.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral24
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3CommonPROFILE_x64.dll
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3Common_x64.dll
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral26
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3Common_x64.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3CookingPROFILE_x64.dll
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral28
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3CookingPROFILE_x64.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3Cooking_x64.dll
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral30
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3Cooking_x64.dll
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3PROFILE_x64.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral32
Sample
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/PhysX3PROFILE_x64.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
General
-
Target
Pacify/Engine/Binaries/ThirdParty/PhysX3/Win64/VS2015/ApexFrameworkPROFILE_x64.dll
-
Size
1.3MB
-
MD5
9cf7b36d85f3c8b8bad5045ef1433f8f
-
SHA1
1d7276fe42d898f9e9e7111c66feaec2587a658a
-
SHA256
c98e92b7fe8496677eef332b1cade31877a649f039ad72383f97efc11ab88061
-
SHA512
56cf82923eacc925840a579cfa7e0629df79a4ed8f7f414a2f6f33ebd1945a49a72f30b7d2eaea280e4c6e2fa9a9caab25d48ef4143b65c39dcc4ac59d0498e4
-
SSDEEP
12288:H97gYy8zuxfE6+A25k+R3BnkIGlYTtxS6/K52vndl62DjMZBx:HSV8zIOhk0RnkIikxSGK0vndw
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 1764 1980 WerFault.exe 24 -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 1980 wrote to memory of 1764 1980 rundll32.exe 28 PID 1980 wrote to memory of 1764 1980 rundll32.exe 28 PID 1980 wrote to memory of 1764 1980 rundll32.exe 28
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\Pacify\Engine\Binaries\ThirdParty\PhysX3\Win64\VS2015\ApexFrameworkPROFILE_x64.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:1980 -
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 1980 -s 842⤵
- Program crash
PID:1764
-