Analysis

  • max time kernel
    359s
  • max time network
    363s
  • platform
    windows7_x64
  • resource
    win7-20240215-es
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-es, locale:es-es, os:windows7-x64, system, windows
  • submitted
    22-04-2024 19:58

General

  • Target

    $TEMP/PCSX2 1.6.0/Plugins/GSdx32-SSE2.dll

  • Size

    2.1MB

  • MD5

    3b3ddfa31e1553fae90afc2e619aea99

  • SHA1

    e7c71f54ae27a279e2b1cb3fccfbd1faa0532082

  • SHA256

    f26bb9c0c23a2a8a79d7afc96389fb4320dbbf51c3c2bd30d0baac85d8221c00

  • SHA512

    1cb06558b569ec5373335873fd3957015b177adc435ca6ac4a5a037dc57dd9d55eac2d627b4761d7b969523419f95458058e3feba7823a1ce824d9e4a1b27068

  • SSDEEP

    49152:qfagEfo5KFfBjb6w9ITrkqI0Rj+60kJVi10M03IvPJ60JU0WJ461N:qHEf4WBP6wy

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\$TEMP\PCSX2 1.6.0\Plugins\GSdx32-SSE2.dll",#1
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\$TEMP\PCSX2 1.6.0\Plugins\GSdx32-SSE2.dll",#1
        PID:2892

Network

MITRE ATT&CK Matrix
