Pcsx-1[.]5[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Pcsx-1.5.zip
Size

165KB
MD5

70d16c27c77c0c67f8385ca25abbf648
SHA1

e83cf435c7ecef825482d9223892fd941497f202
SHA256

a977cd4641eef7b548bc1478cb65b156ece1ea57777cf648ffe0a0a87681d365
SHA512

493eedb74fbd8bac85b648c80570d0887bbb8645341ef556c6b14d2ee9232471be54448ba78731c9cd3185c75eaee5ee93807b4843d8c0ed7c32b279fd45aa7c
SSDEEP

3072:/Bw24bshJ8E0bJUsnQBvPZ8PM7svTjN4kkrVkPfe5CJaqfUU6cQ2Ev0JzBq/nzNR:/BbushJ8E0qOQBvPZuxvHN45eeBqfxvc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Pcsx/pcsx.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Pcsx/gnu_gettext.dll
unpack001/Pcsx/pcsx.exe

Files

Pcsx-1.5.zip
.zip
Pcsx/Bios/Eraseme.txt
Pcsx/Langs/it/LC_MESSAGES/pcsx.mo
Pcsx/Plugin/Eraseme.txt
Pcsx/Readme.txt
Pcsx/gnu_gettext.dll
.dll windows:4 windows x86

f6c0d12308b530e45a1747fddc12f44f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_close
_fstat
_getcwd
_open
_read
_strdup
_errno
_putenv
_stricmp
_strnicmp
_wcsicmp
bsearch
fclose
feof
fgets
fopen
free
getenv
isalnum
isalpha
isdigit
isspace
malloc
memcpy
qsort
realloc
strchr
strcmp
tolower

Exports

Exports

bindtextdomain
dcgettext
dgettext
gettext
gettext_putenv
textdomain

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 48B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pcsx/memcards/Eraseme.txt
Pcsx/memcards/Mcd001.mcr
Pcsx/memcards/Mcd002.mcr
Pcsx/pcsx.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 676KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 148KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pcsx/snap/Eraseme.txt
Pcsx/sstates/Eraseme.txt

Sharing

General

Malware Config

Signatures

Files

f6c0d12308b530e45a1747fddc12f44f

Headers

File Characteristics

Imports

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 56B

.bss Size: - Virtual size: 48B

.edata Size: 512B - Virtual size: 184B

.idata Size: 1024B - Virtual size: 784B

.reloc Size: 1024B - Virtual size: 608B

.rsrc Size: 3KB - Virtual size: 2KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 676KB

UPX1 Size: 148KB - Virtual size: 152KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 56B

.bss
Size: - Virtual size: 48B

.edata
Size: 512B - Virtual size: 184B

.idata
Size: 1024B - Virtual size: 784B

.reloc
Size: 1024B - Virtual size: 608B

.rsrc
Size: 3KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 676KB

UPX1
Size: 148KB - Virtual size: 152KB

.rsrc
Size: 2KB - Virtual size: 4KB