bb6f0340fd97bbddafc7d3b09cbf2622ee9ff32283752b3654a9421eadd3044c

Sharing

Copy URL Twitter E-mail

General

Target

bb6f0340fd97bbddafc7d3b09cbf2622ee9ff32283752b3654a9421eadd3044c
Size

1.7MB
MD5

96fa1a2847d6a3a1e7a584f3302b0fde
SHA1

7be9fe50268078f22aa2d766b8cbf44e4163f165
SHA256

bb6f0340fd97bbddafc7d3b09cbf2622ee9ff32283752b3654a9421eadd3044c
SHA512

025a553ba4dfd622871c531c866668125263a155be9179d47506a38010953ed0ea2acce05358ebd098bea05d7398ae9b63359256f75934d5b3c793f827b6e501
SSDEEP

49152:3B73ajeu9S6FbW6y+dLfgnHczd3/VPHuk3lC3:3laCuJZDbdbQc59POk38

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/ePSXe1925/ePSXe.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ePSXe1925/burutter.dll
unpack001/ePSXe1925/ePSXe.exe
unpack001/ePSXe1925/plugins/gpu.dat
unpack001/ePSXe1925/plugins/gpuPeteOpenGL2.dll

Files

bb6f0340fd97bbddafc7d3b09cbf2622ee9ff32283752b3654a9421eadd3044c
.zip
ePSXe1925/bios/Scph1001.bin
ePSXe1925/bios/Scph101.bin
ePSXe1925/bios/Scph7502.bin
ePSXe1925/bios/erase.me
ePSXe1925/burutter.dll
.dll windows x86

b9f9eecfd4d123f220ade5a5daf5994b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStrings
OutputDebugStringA
CloseHandle
DeviceIoControl
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
CreateFileA
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

Big_Motor
JOY_Close
JOY_init
Small_Motor

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ePSXe1925/cheats/erase.me
ePSXe1925/config/erase.me
ePSXe1925/docs/ePSXe_en.txt
ePSXe1925/docs/ePSXe_sp.txt
ePSXe1925/ePSXe.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 9.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 456KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ePSXe1925/epsxe.chm
.chm
ePSXe1925/idx/erase.me
ePSXe1925/isos/erase.me
ePSXe1925/memcards/delete.me
ePSXe1925/memcards/epsxe000.mcr
ePSXe1925/memcards/epsxe001.mcr
ePSXe1925/memcards/games/delete.me
ePSXe1925/patches/erase.me
ePSXe1925/plugins/gpu.dat
.dll windows x86

2c83fab03649b3189036c618ffc90291

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ddraw

DirectDrawEnumerateA
DirectDrawCreate

winmm

timeGetTime

msvfw32

ICClose
ICOpen
ICCompressorChoose
ord2
ICGetInfo

avifil32

AVIFileInit
AVIFileOpenA
AVIFileExit
AVIFileRelease
AVIStreamRelease
AVIStreamSetFormat
AVIMakeCompressedStream
AVIFileCreateStreamA
AVIStreamWrite

kernel32

TerminateProcess
InterlockedCompareExchange
InterlockedExchange
lstrlenA
GetCurrentThreadId
GetTickCount
IsDebuggerPresent
lstrcatA
FreeLibrary
LoadLibraryA
QueryPerformanceFrequency
Sleep
SetUnhandledExceptionFilter
QueryPerformanceCounter
FindResourceA
LoadResource
LockResource
GetModuleHandleA
GetProcAddress
lstrcpyA
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentProcess

user32

GetSystemMetrics
MoveWindow
UpdateWindow
GetMenu
FillRect
GetDC
ReleaseDC
InflateRect
LoadStringA
DrawTextA
SetWindowLongA
SetMenu
GetClientRect
ClientToScreen
EnumDisplaySettingsA
SetWindowPos
SetScrollRange
SetScrollPos
CheckRadioButton
SetDlgItemInt
wsprintfA
DialogBoxParamA
CheckDlgButton
EndDialog
SetDlgItemTextA
MessageBoxA
GetDlgItem
GetDlgItemInt
IsDlgButtonChecked
GetDlgItemTextA
SendMessageA
ShowWindow
GetWindowLongA
GetActiveWindow
GetAsyncKeyState
GetScrollPos
SetRect

gdi32

DeleteObject
Rectangle
SetBkColor
SetTextColor
CreatePen
CreateSolidBrush
SelectObject
CreateDIBSection
CreateCompatibleDC
GetStockObject
CreateFontA
ExtTextOutA
SetBkMode
DeleteDC

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

msvcr80

memcpy
atol
strchr
memset
fclose
fopen
getenv
sprintf
malloc
fread
strstr
atoi
_mkdir
atof
rand
_time64
srand
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
fwrite
_adjust_fdiv
_stat64i32
free

Exports

Exports

GP0_Read
GP0_Write
GP1_Read
GP1_Write
GPU_About
GPU_Close
GPU_Configure
GPU_DmaExec
GPU_LoadState
GPU_Open
GPU_SaveState
GPU_ScreenShot
GPU_Update
GPUabout
GPUclose
GPUconfigure
GPUcursor
GPUdisplayFlags
GPUdisplayText
GPUdmaChain
GPUfreeze
GPUgetMode
GPUgetScreenPic
GPUinit
GPUmakeSnapshot
GPUopen
GPUreadData
GPUreadDataMem
GPUreadStatus
GPUsetMode
GPUsetfix
GPUsetframelimit
GPUshowScreenPic
GPUshutdown
GPUtest
GPUupdateLace
GPUvisualVibration
GPUwriteData
GPUwriteDataMem
GPUwriteStatus
PSEgetLibName
PSEgetLibType
PSEgetLibVersion
ZN_GPUclose
ZN_GPUdisplayFlags
ZN_GPUdmaChain
ZN_GPUdmaSliceIn
ZN_GPUdmaSliceOut
ZN_GPUfreeze
ZN_GPUgetMode
ZN_GPUgetScreenPic
ZN_GPUinit
ZN_GPUmakeSnapshot
ZN_GPUopen
ZN_GPUreadData
ZN_GPUreadStatus
ZN_GPUsetMode
ZN_GPUshowScreenPic
ZN_GPUshutdown
ZN_GPUtest
ZN_GPUupdateLace
ZN_GPUwriteData
ZN_GPUwriteStatus

Sections

.text
Size: 376KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ePSXe1925/plugins/gpuPeteOpenGL2.dll
.dll windows x86

0c9753d104a07fd4e9e692d85da6f50d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA
SendMessageA
IsWindow
GetActiveWindow
SetWindowLongA
GetWindowLongA
GetMenu
SetMenu
ShowWindow
GetSystemMetrics
MoveWindow
UpdateWindow
FillRect
ChangeDisplaySettingsA
MessageBeep
GetDC
ReleaseDC
InflateRect
EndDialog
DrawTextA
GetAsyncKeyState
MessageBoxA
DialogBoxParamA
EnableWindow
GetWindowTextA
GetDlgItemInt
IsDlgButtonChecked
GetDlgItemTextA
GetDlgItem
EnumDisplaySettingsA
wsprintfA
SetDlgItemInt
SetWindowTextA
CheckDlgButton
SetDlgItemTextA

gdi32

SwapBuffers
DeleteObject
DeleteDC
Rectangle
SetBkColor
SetTextColor
CreatePen
CreateSolidBrush
SelectObject
CreateDIBSection
CreateCompatibleDC
GetStockObject
SetPixelFormat
CreateFontA
ChoosePixelFormat

opengl32

glEndList
glEnd
glBegin
glVertex2f
glNewList
glGenLists
glTexImage2D
glTexParameteri
glBindTexture
glGenTextures
glFinish
glFlush
glPixelTransferi
glHint
glPolygonMode
glClear
glTexEnvf
glDepthFunc
glOrtho
glScalef
glLoadIdentity
glMatrixMode
glEnable
glScissor
glPixelStorei
glDeleteTextures
glVertex3f
glTexCoord2f
wglDeleteContext
wglMakeCurrent
wglCreateContext
glReadPixels
glCallList
glVertex3fv
glTexCoord2fv
glBlendFunc
glReadBuffer
glGetIntegerv
wglGetCurrentDC
wglShareLists
glColorMask
glClearDepth
glViewport
glDeleteLists
glVertex2i
glColor4ub
glCopyTexSubImage2D
glShadeModel
glAreTexturesResident
glTexSubImage2D
glAlphaFunc
glDisable
glColor4ubv
glGetString
glClearColor
wglGetProcAddress

winmm

timeGetTime

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

msvcrt

sprintf
atof
strchr
atol
atoi
free
_ftol
strstr
malloc
fclose
fwrite
fopen
srand
fread
fgetpos
fseek
rand
_adjust_fdiv
_initterm
fgetc

kernel32

Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
FindResourceA
LoadResource
lstrcatA
lstrlenA
FreeLibrary
lstrcpyA
GetProcAddress
LoadLibraryA
LockResource

Exports

Exports

GPUabout
GPUclose
GPUconfigure
GPUcursor
GPUdisplayFlags
GPUdmaChain
GPUfreeze
GPUgetMode
GPUgetScreenPic
GPUinit
GPUmakeSnapshot
GPUopen
GPUreadData
GPUreadDataMem
GPUreadStatus
GPUsetMode
GPUsetfix
GPUsetframelimit
GPUshowScreenPic
GPUshutdown
GPUtest
GPUupdateLace
GPUvisualVibration
GPUwriteData
GPUwriteDataMem
GPUwriteStatus
PSEgetLibName
PSEgetLibType
PSEgetLibVersion
ZN_GPUclose
ZN_GPUdisplayFlags
ZN_GPUdmaChain
ZN_GPUdmaSliceIn
ZN_GPUdmaSliceOut
ZN_GPUfreeze
ZN_GPUgetMode
ZN_GPUgetScreenPic
ZN_GPUinit
ZN_GPUmakeSnapshot
ZN_GPUopen
ZN_GPUreadData
ZN_GPUreadStatus
ZN_GPUsetMode
ZN_GPUshowScreenPic
ZN_GPUshutdown
ZN_GPUtest
ZN_GPUupdateLace
ZN_GPUwriteData
ZN_GPUwriteStatus

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ePSXe1925/plugins/pete_ogl2_readme_2_09.txt
ePSXe1925/plugins/pete_ogl2_version_2_09.txt
ePSXe1925/plugins/remove.me
ePSXe1925/snap/kill.me
ePSXe1925/sstates/punch.me

Sharing

General

Malware Config

Signatures

Files

b9f9eecfd4d123f220ade5a5daf5994b

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 9.6MB

UPX1 Size: 456KB - Virtual size: 460KB

.rsrc Size: 7KB - Virtual size: 8KB

2c83fab03649b3189036c618ffc90291

Headers

File Characteristics

Imports

ddraw

winmm

msvfw32

avifil32

kernel32

user32

gdi32

advapi32

msvcr80

Exports

Exports

Sections

.text Size: 376KB - Virtual size: 374KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 6.0MB

.rsrc Size: 64KB - Virtual size: 62KB

.reloc Size: 68KB - Virtual size: 67KB

0c9753d104a07fd4e9e692d85da6f50d

Headers

File Characteristics

Imports

user32

gdi32

opengl32

winmm

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 296KB - Virtual size: 294KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 36KB - Virtual size: 33KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 9.6MB

UPX1
Size: 456KB - Virtual size: 460KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 376KB - Virtual size: 374KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 6.0MB

.rsrc
Size: 64KB - Virtual size: 62KB

.reloc
Size: 68KB - Virtual size: 67KB

.text
Size: 296KB - Virtual size: 294KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 36KB - Virtual size: 33KB