General

  • Target

    pcsx2-v1.6.0-windows-32bit-installer.exe

  • Size

    6.9MB

  • MD5

    c6afd2ff3059b840ee2fb939694efafb

  • SHA1

    405c4d526ac498fd61658d94f24426afa8ac4525

  • SHA256

    fbe07d1afd27ab353daa2afacc2de87d8f5ec69f64bbd9246f31ebfe1731de9b

  • SHA512

    d0cac8e24d83662d16df3a952cb5853f4e4d1ba5a4d78b274cde1131945fbabbbd1f2c10cfcd416a9dcb466b97ec07edac2acebcb6dc3c3b4d6927f5e6d064db

  • SSDEEP

    196608:LrjpHpHPhXOQi7IGJEfB6+x5McQTVNy6Tp93cfw0acIVa:bpJHV4TEf4+XqVX9Vcf6A

Score
4/10

Malware Config

Signatures

  • HTTP links in PDF interactive object (1 IoC)

    Detects HTTP links in interactive objects within PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE (16 IoCs)

    Checks for missing Authenticode signature.

Files

  • pcsx2-v1.6.0-windows-32bit-installer.exe
    .exe windows:4 windows x86 arch:x86


    24f4223e271413c25abad52fd456a9bc



  • $PLUGINSDIR/INetC.dll
    .dll windows:4 windows x86 arch:x86


    163fdad7b5f915e3a0ca7ad1d08b4ff8



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86


    fc0224e99e736751432961db63a41b76



  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86


    e1c0bd3d5b9f3f5cec7ea773ff66ac6e



  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86


    6b5c4f7d679059f68f1269aad3a5cecd



  • $TEMP/PCSX2 1.6.0/Docs/Configuration_Guide.pdf
    .pdf


    • https://forums.pcsx2.net/

    • https://github.com/PCSX2/pcsx2/issues

    • https://forum.pcsx2.net/

    • https://wiki.pcsx2.net/Main_Page

    • https://forums.pcsx2.net/Forum-Bug-reporting

  • $TEMP/PCSX2 1.6.0/Docs/GPL.html
    .html
  • $TEMP/PCSX2 1.6.0/Docs/PCSX2.1
  • $TEMP/PCSX2 1.6.0/Docs/PCSX2_FAQ.pdf
    .pdf


    • https://github.com/pcsx2/pcsx2

    • https://github.com/PCSX2/pcsx2/issues

    • https://github.com/PCSX2/pcsx2

    • https://forums.pcsx2.net/Thread-Post-your-PCSX2-cheats-patches-here

    • https://forums.pcsx2.net/Thread-60-fps-codes

    • https://forums.pcsx2.net/Thread-PCSX2-Widescreen-Game-Patches

    • https://forums.pcsx2.net/Forum-Bug-reporting

    • https://github.com/PCSX2/pcsx2/wiki/How-to-create-useful-and-valid-issues

    • https://pcsx2.net/download/releases/tools.html

  • $TEMP/PCSX2 1.6.0/Docs/debugger.txt
  • $TEMP/PCSX2 1.6.0/GameIndex.dbf
  • $TEMP/PCSX2 1.6.0/Langs/ar_SA/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/ar_SA/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/ca_ES/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/ca_ES/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/cs_CZ/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/cs_CZ/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/da_DK/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/da_DK/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/de_DE/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/de_DE/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/es_ES/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/es_ES/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/fi_FI/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/fi_FI/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/fr_FR/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/fr_FR/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/hr_HR/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/hr_HR/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/hu_HU/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/hu_HU/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/id_ID/pcsx2_Iconized.mo
    .eml
  • $TEMP/PCSX2 1.6.0/Langs/id_ID/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/it_IT/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/it_IT/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/ja_JP/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/ja_JP/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/ko_KR/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/ko_KR/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/lt_LT/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/lt_LT/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/ms_MY/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/ms_MY/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/nb_NO/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/nb_NO/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/nl_NL/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/nl_NL/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/pl_PL/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/pl_PL/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/pt_BR/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/pt_BR/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/ru_RU/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/ru_RU/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/sv_SE/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/sv_SE/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/th_TH/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/th_TH/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/tr_TR/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/tr_TR/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/zh_CN/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/zh_CN/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/Langs/zh_TW/pcsx2_Iconized.mo
  • $TEMP/PCSX2 1.6.0/Langs/zh_TW/pcsx2_Main.mo
  • $TEMP/PCSX2 1.6.0/PCSX2_keys.ini.default
  • $TEMP/PCSX2 1.6.0/Plugins/DEV9null.dll
    .dll windows:6 windows x86 arch:x86


    bfb604c4c69acf1937d827cf9fd90372



  • $TEMP/PCSX2 1.6.0/Plugins/FWnull.dll
    .dll windows:6 windows x86 arch:x86


    90ee789d9aff818c8e54f8065cbd7f59



  • $TEMP/PCSX2 1.6.0/Plugins/GSdx32-AVX2.dll
    .dll windows:6 windows x86 arch:x86

    d5761be7d79db41d6663c3d892e8f661



  • $TEMP/PCSX2 1.6.0/Plugins/GSdx32-SSE2.dll
    .dll windows:6 windows x86 arch:x86

    f4b10486d7e2b9559a5195c6bb56c210



  • $TEMP/PCSX2 1.6.0/Plugins/GSdx32-SSE4.dll
    .dll windows:6 windows x86 arch:x86

    f4b10486d7e2b9559a5195c6bb56c210



  • $TEMP/PCSX2 1.6.0/Plugins/LilyPad.dll
    .dll windows:6 windows x86 arch:x86

    ef4cead7e07d4a228971c619748d9091



  • $TEMP/PCSX2 1.6.0/Plugins/Spu2-X.dll
    .dll windows:6 windows x86 arch:x86

    edd6292c3c69f34aaeb5545d8cc45c9b



  • $TEMP/PCSX2 1.6.0/Plugins/USBnull.dll
    .dll windows:6 windows x86 arch:x86

    90ee789d9aff818c8e54f8065cbd7f59



  • $TEMP/PCSX2 1.6.0/Plugins/cdvdGigaherz.dll
    .dll windows:6 windows x86 arch:x86

    441042dadc434fd92af42090533a31ba



  • $TEMP/PCSX2 1.6.0/Shaders/GSdx.fx
  • $TEMP/PCSX2 1.6.0/Shaders/GSdx_FX_Settings.ini
  • $TEMP/PCSX2 1.6.0/cheats_ws.zip
    .zip
  • $TEMP/PCSX2 1.6.0/pcsx2.exe
    .exe windows:6 windows x86 arch:x86

    fb7ee9d3a8d3480bfb56c6aede45e1bc



  • $TEMP/pcsx2-1.6.0-include_standard.exe
    .exe windows:4 windows x86 arch:x86

    24f4223e271413c25abad52fd456a9bc

