pcsx2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

pcsx2.exe
Size

8.9MB
MD5

9ea3e1cbfb88493b6ad2e31aee9bc334
SHA1

3ae7bba47610f977106544354bdadbe4646de87a
SHA256

bfcaee5e742b8a9dd8c09bd39e5a42c24cd82899253ae7234a6c03df4db46140
SHA512

dabe364a4240f5e8a5f17e8a37a0ae11792a73250153e0a32082016e3f893b84cb66a242d3910f0a5216321ddb6b2fb19373f7f0b723eb9c475c2da1accf5073
SSDEEP

98304:oven3Kh5zV3a2J81xvQuQkPIUZCa9wOTgDarK66FJ+nvhCN3c07F/vNgjri5dCNP:ozzRqvnrgxa9wUX6FIU5Q+p2r

Score

1^/10

Malware Config

Signatures

Files

pcsx2.exe
.exe windows x86

5483ec645badc1e5c06fafc1d29b17ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
WaitForSingleObjectEx
SetThreadAffinityMask
VirtualProtect
VirtualFree
GetStartupInfoW
OpenThread
GetThreadTimes
SetThreadExecutionState
GlobalMemoryStatusEx
QueryPerformanceCounter
QueryPerformanceFrequency
GetCommandLineW
WriteConsoleA
WriteConsoleW
FillConsoleOutputCharacterW
SetConsoleCursorPosition
ReadConsoleOutputCharacterA
GetConsoleScreenBufferInfo
GetStdHandle
FreeConsole
GetProcessHeap
HeapSize
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalSize
GlobalLock
MulDiv
WriteFile
GetExitCodeProcess
IsBadStringPtrA
IsBadReadPtr
ExpandEnvironmentStringsW
GetCPInfo
IsValidCodePage
SizeofResource
LockResource
LoadResource
FindResourceW
TerminateProcess
GetEnvironmentVariableW
GetSystemTimeAsFileTime
GetACP
GetUserDefaultLCID
SetThreadLocale
GetLocaleInfoW
OutputDebugStringW
GetSystemInfo
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalFree
FormatMessageW
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
FindNextFileW
GetFileType
SetCurrentDirectoryW
CopyFileW
SetErrorMode
GetVersionExW
WideCharToMultiByte
GetFileTime
SetFileTime
FindClose
FindFirstFileW
MultiByteToWideChar
GetTempPathW
GetTempFileNameW
SetThreadContext
CreateEventA
CreateSemaphoreA
TlsFree
TlsGetValue
FreeLibrary
GetProcAddress
GetThreadContext
ResetEvent
RaiseException
GetThreadPriority
TlsAlloc
LoadLibraryA
GetSystemDirectoryA
SetEvent
Sleep
DuplicateHandle
ResumeThread
SuspendThread
GetCurrentThreadId
WaitForSingleObject
WaitForMultipleObjects
GetProcessAffinityMask
ReleaseSemaphore
GetCurrentProcess
SetLastError
TlsSetValue
InitializeSListHead
VirtualAlloc
GetDriveTypeW
GetLogicalDriveStringsW
CreateNamedPipeW
GetCurrentProcessId
PeekNamedPipe
ConnectNamedPipe
GetCurrentThread
SetThreadPriority
DeviceIoControl
GetFileAttributesW
GetLastError
GetFileSize
GetOverlappedResult
CreateEventW
CancelIo
ReadFile
CloseHandle
IsProcessorFeaturePresent
CreateFileW

user32

IsRectEmpty
GetDoubleClickTime
GetClassInfoW
GetWindowTextW
wsprintfW
RegisterClipboardFormatW
ShowCursor
AdjustWindowRectEx
SetWindowPos
DestroyCursor
GetClipboardFormatNameW
MessageBeep
ChildWindowFromPoint
UnionRect
DestroyAcceleratorTable
DrawIconEx
GetMenuItemID
DrawFrameControl
GetSysColorBrush
SetRect
CreateAcceleratorTableW
TranslateAcceleratorW
SetMenu
GetDC
GetClassNameW
ChangeDisplaySettingsW
EnumDisplaySettingsW
ValidateRect
BeginPaint
ReleaseDC
EndPaint
DrawEdge
CheckMenuItem
GetWindowDC
FindWindowExW
IsClipboardFormatAvailable
ValidateRgn
SetWindowLongW
GetWindowLongW
CheckMenuRadioItem
GetSubMenu
AppendMenuW
CreateMenu
SendMessageW
MessageBoxW
PostThreadMessageW
GetWindowThreadProcessId
PostMessageW
RegisterClassW
CreateWindowExW
UnregisterClassW
DestroyWindow
DefWindowProcW
PeekMessageW
GetMessageW
MsgWaitForMultipleObjects
DispatchMessageW
SetTimer
KillTimer
LoadCursorW
SetCursor
DdeInitializeW
DdeUninitialize
DdeNameService
DdeConnect
DdeDisconnect
DdeClientTransaction
DdeGetData
DdeFreeDataHandle
DdePostAdvise
DdeCreateDataHandle
DdeCreateStringHandleW
DdeQueryStringW
DdeFreeStringHandle
DdeGetLastError
GetCursorPos
GetMessagePos
SetFocus
GetFocus
EnableWindow
ShowWindow
SetCapture
ReleaseCapture
GetCapture
GetWindowRect
PtInRect
SetCursorPos
GetScrollInfo
SetScrollInfo
EnableScrollBar
ScrollWindow
IsWindow
WindowFromPoint
GetParent
SetParent
RedrawWindow
UpdateWindow
GetClientRect
MapWindowPoints
ScreenToClient
ClientToScreen
DeferWindowPos
MoveWindow
PostQuitMessage
TranslateMessage
TrackPopupMenu
CallWindowProcW
GetKeyState
IsWindowEnabled
IsWindowVisible
IsDialogMessageW
InflateRect
SetWindowTextW
InvalidateRect
GetSysColor
GetUpdateRgn
FillRect
GetWindow
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
SystemParametersInfoW
GetMenuItemCount
GetMenuItemInfoW
MapVirtualKeyW
VkKeyScanW
GetSystemMetrics
GetAsyncKeyState
GetActiveWindow
CallNextHookEx
SetWindowsHookExW
GetMenuState
ChildWindowFromPointEx
RegisterHotKey
UnregisterHotKey
CreateDialogParamW
GetDlgItem
GetWindowTextLengthW
keybd_event
HideCaret
CreateDialogIndirectParamW
GetDialogBaseUnits
BringWindowToTop
IsIconic
SetForegroundWindow
IsZoomed
GetWindowPlacement
GetDesktopWindow
GetSystemMenu
EnableMenuItem
DrawMenuBar
FlashWindow
SetWindowRgn
DrawTextW
DrawFocusRect
SetRectEmpty
OffsetRect
DrawStateW
CopyRect
GetIconInfo
CreateIconIndirect
LoadBitmapW
LoadImageW
LoadIconW
DestroyIcon
SetMenuItemInfoW
CreatePopupMenu
DestroyMenu
InsertMenuItemW
InsertMenuW
RemoveMenu
ModifyMenuW
UnhookWindowsHookEx

gdi32

CreateDCW
EndPage
StartPage
EndDoc
StartDocW
SetAbortProc
SetWinMetaFileBits
GetMetaFileBitsEx
SetMetaFileBitsEx
GetWinMetaFileBits
CloseEnhMetaFile
CreateEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
DeleteEnhMetaFile
CopyEnhMetaFileW
GetEnhMetaFileW
SetLayout
CreateDIBitmap
GetDIBColorTable
GetDIBits
CreateDIBSection
CreateRectRgnIndirect
GetTextExtentExPointW
GetCharABCWidthsW
LineTo
MoveToEx
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
RectInRegion
PtInRegion
EqualRgn
GetRgnBox
CombineRgn
CreateICW
CreateHatchBrush
CreatePatternBrush
ExtCreatePen
StretchDIBits
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
EnumFontFamiliesExW
SetViewportExtEx
SetROP2
ExtTextOutW
MaskBlt
GetObjectType
GetStockObject
PolyBezier
Ellipse
RoundRect
Rectangle
Polyline
PolyPolygon
Polygon
SetPolyFillMode
SetPixel
Arc
Pie
GetPixel
ExtFloodFill
GetBkColor
SetMapMode
SelectClipRgn
ExtSelectClipRgn
GetClipBox
SetStretchBltMode
GetTextExtentPoint32W
BitBlt
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
GetObjectW
CreateSolidBrush
CreatePen
OffsetRgn
ExtCreateRegion
GetRegionData
SetBkMode
SetBkColor
SetTextColor
DeleteObject
CreateFontIndirectW
GetOutlineTextMetricsW
GetTextMetricsW
SelectObject
SetBrushOrgEx
CreateRectRgn
RealizePalette
SelectPalette
ExcludeClipRect
GdiFlush
SetWindowExtEx
GetDeviceCaps

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
_Xtime_get_ticks
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
_Thrd_yield
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
_Mtx_unlock
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Throw_C_error@std@@YAXH@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_BADOFF@std@@3_JB
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

vcruntime140

memset
memcpy
_setjmp3
_except_handler3
__CxxLongjmpUnwind
__CxxFrameHandler3
memmove
_purecall
__std_exception_copy
__std_exception_destroy
strstr
strchr
memchr
strrchr
wcsstr
wcschr
_set_se_translator
longjmp
__vcrt_InitializeCriticalSectionEx
_except_handler4_common
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

_aligned_free
_aligned_realloc
_aligned_malloc
free
malloc
realloc
_set_new_mode
_callnewh
calloc

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
terminate
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_get_narrow_winmain_command_line
_initterm
_initterm_e
_exit
_c_exit
_register_thread_local_exe_atexit_callback
_controlfp_s
_invalid_parameter_noinfo
_errno
strerror
abort
_beginthreadex
_endthreadex
exit

api-ms-win-crt-string-l1-1-0

strncmp
strncpy
towlower
isalpha
strncat_s
tolower
towupper
_wcsicmp
iswalpha
iswdigit
iswspace
wcspbrk
_strdup
_stricmp
wcsncpy
iswalnum
isspace
isdigit
isalnum
iswprint
strnlen
_wcsdup
toupper

api-ms-win-crt-stdio-l1-1-0

feof
fgets
fread
__stdio_common_vswprintf
_fseeki64
fputs
fseek
_wfopen
fclose
_wfreopen
fopen
fgetc
fputc
__stdio_common_vsscanf
ungetc
_open_osfhandle
_wsopen_dispatch
ferror
__acrt_iob_func
__stdio_common_vfprintf
getc
_ftelli64
_set_fmode
fflush
setvbuf
_getcwd
_get_osfhandle
_fileno
__p__commode
fsetpos
tmpfile
_close
_read
_write
_commit
_lseeki64
_telli64
_open
_lseek
__stdio_common_vsprintf
fgetpos
fwrite
__stdio_common_vfwprintf
__stdio_common_vswscanf
_get_stream_buffer_pointers
__stdio_common_vswprintf_p
clearerr

api-ms-win-crt-time-l1-1-0

_localtime64
_get_timezone
_tzset
_gmtime64
_time64
_mktime64
wcsftime
_ftime64_s
clock

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_wrmdir
_wmkdir
_wremove
_lock_file
_wrename

api-ms-win-crt-convert-l1-1-0

wcstod
wcstombs
wcstol
wcstoul
atoi
atof
_wtoi
strtol
_wtol
_wcstod_l
_wcstoui64
mbstowcs
_wcstoi64

api-ms-win-crt-math-l1-1-0

_fdopen
lround
lroundf
_CIatan
__setusermatherr
_CIatan2
_CIexp
_CIsin
_CIsqrt
_libm_sse2_cos_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
ceil
floor
_except1

api-ms-win-crt-environment-l1-1-0

_wgetenv
getenv
_wgetcwd

api-ms-win-crt-utility-l1-1-0

bsearch
qsort

api-ms-win-crt-locale-l1-1-0

setlocale
_free_locale
_configthreadlocale
_create_locale

comctl32

ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_BeginDrag
ImageList_DragEnter
ord16
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_DragLeave
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_Add
ImageList_Destroy
ImageList_Create
ord17
ImageList_GetIconSize
ImageList_DragMove
ImageList_GetImageCount
ImageList_Draw

winmm

timeBeginPeriod
timeEndPeriod

rpcrt4

RpcStringFreeW
UuidToStringW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

comdlg32

PageSetupDlgW
PrintDlgW
ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW

advapi32

GetUserNameW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegEnumKeyW

shell32

SHBrowseForFolderW
ShellExecuteExW
SHGetFileInfoW
ExtractIconExW
ExtractIconW
SHFileOperationW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
DragAcceptFiles
DragQueryFileW
DragQueryPoint

ole32

RegisterDragDrop
CoLockObjectExternal
ReleaseStgMedium
CoTaskMemAlloc
RevokeDragDrop
CoTaskMemFree
OleSetClipboard
OleUninitialize
OleInitialize
OleFlushClipboard
OleGetClipboard
DoDragDrop
CoCreateInstance
OleIsCurrentClipboard

oleaut32

SafeArrayUnlock
SafeArrayDestroy
VarBstrFromCy
SysFreeString
SysStringLen

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 331KB - Virtual size: 36.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 626KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5483ec645badc1e5c06fafc1d29b17ad

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msvcp140

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-locale-l1-1-0

comctl32

winmm

rpcrt4

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 6.2MB - Virtual size: 6.2MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 331KB - Virtual size: 36.0MB

.tls Size: 512B - Virtual size: 333B

.rsrc Size: 44KB - Virtual size: 44KB

.reloc Size: 626KB - Virtual size: 626KB

.text
Size: 6.2MB - Virtual size: 6.2MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 331KB - Virtual size: 36.0MB

.tls
Size: 512B - Virtual size: 333B

.rsrc
Size: 44KB - Virtual size: 44KB

.reloc
Size: 626KB - Virtual size: 626KB