ps3debugger[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

ps3debugger.zip
Size

2.5MB
MD5

e58b219365f144dbe8adb9073d723424
SHA1

19fc69e2828a0b4df0e481b8427ce35a0b03a1b9
SHA256

51707e7c8733775c85afdc3321f7b7af6807e4d3ba0d526174e56f71b033db2d
SHA512

f6d7fdd983e639f8a01efff448b713ded2147905c9e869e5273cbb0835939454b7cdcb57123c6eeb691935988f52346d302c609cbc83aecc5c76469a82f8d4b9
SSDEEP

49152:Ty+PtbITgTs7n+MlQ98rnPA6LYCkpSxhTkgvNixcxkUJy011cnnZtnh0jh5:G+PBIUNsOwo+YCkpSbRNiilJy01enH2/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ps3debugger.exe

Files

ps3debugger.zip
.zip
ps3debugger.exe
.exe windows:5 windows x86 arch:x86

01d30402b92a9d6a6d439bae8bdccb31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\platypus\working\depot\ProDG\release\ProDG_PS3_SDK470\Bin\Release\PS3Debugger.pdb

Imports

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetSystemTimeAsFileTime
GetCPInfo
GetStartupInfoW
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
TlsFree
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
LCMapStringW
LCMapStringA
SetHandleCount
GetFileType
GetStartupInfoA
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetCommandLineW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CreateFileA
HeapFree
OpenEventA
OpenMutexA
CreateEventA
CreateMutexA
FreeEnvironmentStringsA
CreateProcessA
GetExitCodeProcess
GetFileAttributesA
SetConsoleMode
ReadConsoleInputA
GetFullPathNameA
GetDriveTypeA
DuplicateHandle
DeleteFileA
ExitThread
MoveFileA
IsProcessorFeaturePresent
lstrcpynW
GetVersionExA
SearchPathW
FreeResource
GlobalSize
LoadLibraryExW
SetFilePointerEx
GetFileSizeEx
GetExitCodeThread
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateIoCompletionPort
GetQueuedCompletionStatus
ReadDirectoryChangesW
PostQueuedCompletionStatus
WaitForMultipleObjectsEx
CancelIo
GetFileTime
GetLogicalDrives
GetDriveTypeW
ReleaseSemaphore
CreateSemaphoreW
TryEnterCriticalSection
GetCurrentDirectoryW
WaitForMultipleObjects
GetCurrentDirectoryA
SetCurrentDirectoryA
HeapAlloc
ExpandEnvironmentStringsA
LocalAlloc
LocalLock
LocalFree
LocalUnlock
GetDateFormatW
ResetEvent
TerminateThread
SetEvent
OutputDebugStringW
LoadLibraryA
ExpandEnvironmentStringsW
FindFirstFileW
FindClose
FindNextFileW
SetUnhandledExceptionFilter
ExitProcess
GetLongPathNameW
CreateDirectoryW
QueryPerformanceFrequency
QueryPerformanceCounter
lstrcmpiW
SetThreadUILanguage
SetThreadLocale
FormatMessageW
GetFileInformationByHandle
FormatMessageA
TlsGetValue
TlsSetValue
TlsAlloc
GetSystemDefaultLangID
GetFullPathNameW
GetTempPathA
SetFileTime
CreateEventW
GetCurrentProcessId
GetTimeFormatW
WideCharToMultiByte
lstrlenA
RtlUnwind
CreateProcessW
WaitNamedPipeA
OpenProcess
GetModuleHandleW
CopyFileW
GetFileAttributesW
SetFileAttributesW
MoveFileW
CreateMutexW
OpenMutexW
OpenFileMappingW
LoadLibraryW
GetProcAddress
FreeLibrary
ReleaseMutex
WaitForSingleObject
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GlobalFree
CreateThread
WaitForSingleObjectEx
MultiByteToWideChar
DeleteFileW
GetLocalTime
Sleep
SetFilePointer
CreateFileMappingW
MapViewOfFile
SetEndOfFile
UnmapViewOfFile
GetNamedPipeHandleStateW
GetEnvironmentStrings
SetNamedPipeHandleState
CreateNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
WaitNamedPipeW
GetVersionExW
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
lstrcmpW
lstrlenW
GetTickCount
InterlockedExchange
InterlockedCompareExchange
DeleteCriticalSection
InitializeCriticalSection
SetCurrentDirectoryW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileSize
ReadFile
CreateFileW
WriteFile
CloseHandle
GetLastError
SetLastError
GetCurrentThreadId
MulDiv
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
CreateFileMappingA

user32

GetSubMenu
TrackPopupMenuEx
LoadStringA
RemoveMenu
MonitorFromPoint
GetMenuItemInfoW
GetMenuItemCount
IsIconic
DefMDIChildProcW
DdeInitializeW
DdeCreateStringHandleW
DdeUninitialize
DdeFreeStringHandle
DdeConnect
DdeClientTransaction
DdeFreeDataHandle
DdeDisconnect
FlashWindowEx
BringWindowToTop
BeginDeferWindowPos
EndDeferWindowPos
TranslateMDISysAccel
PostQuitMessage
GetWindowThreadProcessId
AdjustWindowRectEx
TranslateAcceleratorW
DefFrameProcW
GetTopWindow
GetWindowPlacement
SetMenu
GetDlgItemTextA
GetMessagePos
EmptyClipboard
SetClipboardData
CloseClipboard
DrawFrameControl
GetLastActivePopup
GetForegroundWindow
GetDlgCtrlID
GetWindowDC
OpenClipboard
GetMenu
SetForegroundWindow
SetActiveWindow
IsWindowEnabled
RegisterClipboardFormatW
GetMenuStringW
LoadStringW
LoadMenuW
LoadAcceleratorsW
LockWindowUpdate
GetDesktopWindow
FillRect
DrawFocusRect
AdjustWindowRect
PostMessageA
GetDialogBaseUnits
DialogBoxIndirectParamW
WinHelpW
GetSystemMenu
DrawIcon
EnumChildWindows
GetClassNameW
IsChild
WaitForInputIdle
SetCapture
InvalidateRgn
ClientToScreen
CharNextW
GetClassInfoExW
GetDCEx
SetLayeredWindowAttributes
GetUpdateRect
ShowCaret
SetClassLongW
SetMenuDefaultItem
HideCaret
DestroyCaret
CreateCaret
SetCaretPos
GetInputState
EnumDisplayMonitors
FindWindowExW
IsDialogMessageW
GetCapture
CheckMenuItem
GetScrollPos
GetSysColorBrush
SystemParametersInfoW
CreateDialogIndirectParamW
GetUpdateRgn
GetCaretPos
DrawMenuBar
TrackMouseEvent
EnumWindows
FindWindowW
SetParent
EnumThreadWindows
FlashWindow
LoadIconW
DrawEdge
DestroyIcon
RegisterWindowMessageW
GetIconInfo
LoadImageW
RegisterClassExW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SetWindowPlacement
GetSysColor
EndPaint
BeginPaint
LoadCursorW
SetCursor
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
DrawIconEx
ChildWindowFromPoint
KillTimer
SetTimer
UpdateWindow
CopyRect
InsertMenuW
EnableMenuItem
GetMenuItemID
LoadBitmapW
IntersectRect
ScrollWindowEx
ReleaseCapture
EqualRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
SetScrollInfo
GetScrollInfo
SetScrollRange
SetScrollPos
InflateRect
MoveWindow
SetDlgItemTextA
MessageBeep
GetKeyState
GetAsyncKeyState
MessageBoxW
SetDlgItemInt
GetClipboardData
GetClassLongW
CharLowerW
GetFocus
SendDlgItemMessageW
IsDlgButtonChecked
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetFocus
EnableWindow
GetWindowTextLengthW
GetWindowTextW
PostMessageW
DefWindowProcW
CallWindowProcW
CreateDialogParamW
SetDlgItemTextW
SetWindowTextW
GetCursorPos
CreatePopupMenu
AppendMenuW
GetActiveWindow
ScreenToClient
TrackPopupMenu
DestroyMenu
GetDC
DrawTextW
ReleaseDC
DialogBoxParamW
GetSystemMetrics
ShowWindow
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IsWindow
GetDlgItem
GetParent
RedrawWindow
IsWindowVisible
InvalidateRect
GetClientRect
GetWindowRect
SetWindowPos
GetWindowLongW
DestroyWindow
CreateWindowExW
SetWindowLongW
EndDialog
SendMessageW
OffsetRect
DestroyAcceleratorTable
CreateAcceleratorTableW
CopyAcceleratorTableW
IsZoomed
MsgWaitForMultipleObjects
CharLowerBuffW
CharUpperA
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
GetKeyboardLayout
CharUpperW
DeferWindowPos
wsprintfA
MapVirtualKeyW
GetNextDlgTabItem
ModifyMenuW
GetMenuState
MonitorFromRect
CopyIcon
CreateIconIndirect
SystemParametersInfoA
DrawStateW
UnionRect
WindowFromPoint
SetCursorPos
UnregisterClassA

gdi32

ExcludeClipRect
SetRectRgn
PtInRegion
DPtoLP
RestoreDC
GetTextExtentExPointW
GetCurrentPositionEx
GetBkColor
CreateDCW
SetTextAlign
CreatePatternBrush
PatBlt
Polygon
GetTextExtentPoint32W
CreateFontIndirectW
GetObjectW
CreateSolidBrush
GetDeviceCaps
DeleteDC
LineTo
MoveToEx
SetTextColor
SetBkMode
CreatePen
CreateCompatibleBitmap
TextOutW
Ellipse
Polyline
SetPixel
SetMapperFlags
StretchBlt
SelectClipRgn
Rectangle
CreateBitmap
SetViewportOrgEx
GetCurrentObject
CreateRectRgn
CombineRgn
EnumFontFamiliesExW
CreateBrushIndirect
GetPixel
GetTextMetricsW
CreateRectRgnIndirect
GetTextAlign
BitBlt
CreateCompatibleDC
DeleteObject
SetBkColor
ExtTextOutW
SetWindowOrgEx
GetStockObject
SaveDC
SetMapMode
GetMapMode
ExtFloodFill
RoundRect
Chord
GetTextColor
GetTextCharsetInfo
GetClipBox
GetDCOrgEx
StretchDIBits
GetDIBits
CreateDIBSection
GetObjectType
SelectObject

comdlg32

CommDlgExtendedError
ChooseColorW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegDeleteValueW

shell32

SHGetMalloc
ord4
ord2
SHGetSpecialFolderLocation
SHGetFileInfoW
Shell_NotifyIconW
SHGetFolderPathW
SHGetFolderPathA
SHBrowseForFolderW
SHGetPathFromIDListW
DragQueryFileW
DragFinish
DragAcceptFiles
ShellExecuteW

ole32

DoDragDrop
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
OleDuplicateData
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemRealloc
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoCreateGuid
OleUninitialize

oleaut32

VarDecCmp
VarDecFromStr
VarR8FromStr
VarI4FromStr
VarDateFromStr
GetActiveObject
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VarUI4FromStr

shlwapi

PathFileExistsW
ChrCmpIW
StrStrIW
StrPBrkW
StrChrW
StrRChrW
PathCompactPathExW
StrStrIA
ChrCmpIA
PathCanonicalizeW

iphlpapi

SendARP

comctl32

ImageList_AddMasked
ImageList_GetIconSize
ImageList_Draw
ImageList_Add
ImageList_GetImageInfo
ImageList_Duplicate
ImageList_GetIcon
ImageList_Remove
ImageList_Destroy
ImageList_LoadImageW
ImageList_GetImageCount
CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx

msimg32

AlphaBlend

ws2_32

recvfrom
send
connect
socket
WSASocketW
setsockopt
sendto
WSAGetLastError
select
__WSAFDIsSet
ioctlsocket
recv
closesocket
gethostbyaddr
WSAStartup
gethostname
gethostbyname
inet_ntoa
inet_addr
htons
htonl

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 719KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 795KB - Virtual size: 795KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01d30402b92a9d6a6d439bae8bdccb31

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wtsapi32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

iphlpapi

comctl32

msimg32

ws2_32

version

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 142KB - Virtual size: 719KB

.rsrc Size: 795KB - Virtual size: 795KB

.text
Size: 4.1MB - Virtual size: 4.1MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 142KB - Virtual size: 719KB

.rsrc
Size: 795KB - Virtual size: 795KB