aae9d237d61c8bb39c0b3065bead10b0760154c8ecb783cfffee3e215ed447e5

Analysis

max time kernel
42s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
27-01-2023 01:20

Target

Ryujinx.exe
Size

44.3MB
MD5

e7d755bc20d8ff414197f1f569739b1a
SHA1

de59c61eacaa631bfe3b4d529f94d7e477e17d0d
SHA256

aae9d237d61c8bb39c0b3065bead10b0760154c8ecb783cfffee3e215ed447e5
SHA512

1ce65b4b81756ed08e0c47b0b7402d1f2aea41c1edbbe30b623af2a4e0e0fe35abd588b44c8f75dd93b1e4137985ff9214612fbd11fc47aea3da36d015a18f09
SSDEEP

196608:HCJfrFyrm3hgLYAVuSnGZxOeeB3s4tkksk6LdsAVwleOrmbW/0tRyxZOX7EbVTiD:i9rYq3hg8TzYkTJsAVeewKBmTEL5mQMc

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2028	2016	WerFault.exe	26

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2016 wrote to memory of 2028	2016	Ryujinx.exe	28
PID 2016 wrote to memory of 2028	2016	Ryujinx.exe	28
PID 2016 wrote to memory of 2028	2016	Ryujinx.exe	28

C:\Users\Admin\AppData\Local\Temp\Ryujinx.exe
"C:\Users\Admin\AppData\Local\Temp\Ryujinx.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2016
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2016 -s 1048
  2⤵
  - Program crash
  PID:2028