Overview

overview

7

Static

static

4

pcsx2-v1.6...er.exe

windows7-x64

7

pcsx2-v1.6...er.exe

windows10-2004-x64

7

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/PCSX...de.pdf

windows7-x64

1

$TEMP/PCSX...de.pdf

windows10-2004-x64

1

$TEMP/PCSX...L.html

windows7-x64

1

$TEMP/PCSX...L.html

windows10-2004-x64

1

$TEMP/PCSX...AQ.pdf

windows7-x64

1

$TEMP/PCSX...AQ.pdf

windows10-2004-x64

1

$TEMP/PCSX...ll.dll

windows7-x64

1

$TEMP/PCSX...ll.dll

windows10-2004-x64

1

$TEMP/PCSX...ll.dll

windows7-x64

1

$TEMP/PCSX...ll.dll

windows10-2004-x64

1

$TEMP/PCSX...X2.dll

windows7-x64

1

$TEMP/PCSX...X2.dll

windows10-2004-x64

1

$TEMP/PCSX...E2.dll

windows7-x64

1

$TEMP/PCSX...E2.dll

windows10-2004-x64

1

$TEMP/PCSX...E4.dll

windows7-x64

1

$TEMP/PCSX...E4.dll

windows10-2004-x64

1

$TEMP/PCSX...ad.dll

windows7-x64

1

$TEMP/PCSX...ad.dll

windows10-2004-x64

1

$TEMP/PCSX...-X.dll

windows7-x64

1

$TEMP/PCSX...-X.dll

windows10-2004-x64

1

$TEMP/PCSX...ll.dll

windows7-x64

1

$TEMP/PCSX...ll.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    361s
  • max time network
    363s
  • platform
    windows7_x64
  • resource
    win7-20240221-es
  • resource tags

    arch:x64arch:x86image:win7-20240221-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    22-04-2024 19:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $TEMP/PCSX2 1.6.0/Plugins/LilyPad.dll

  • Size

    160KB

  • MD5

    aa051ec979c89401cab6ef88fd1a4dc1

  • SHA1

    74859edd74277c2298cc2264b0a910aee842e6f0

  • SHA256

    637def94c71ed72a9f04f1541fbffe4ab63f866461157e80ee90672fc380ada1

  • SHA512

    5495125fdb8cc1544425e8a7c2e34f53094151b6449f348a2053ae94e25fe5d73a791b73d6045220adc0fdbd61fda4c6907c4eb12e8cb9c43a7668d912f2b1f3

  • SSDEEP

    1536:u4ocUyhRRFD1a2vvPX6ILExBQVujvwTEt3KHMVMogxXefUdj0W8HPheYwrMneufa:aIqG/6qTq8MKogxXeboYnkm/J2MNKI8

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\$TEMP\PCSX2 1.6.0\Plugins\LilyPad.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\$TEMP\PCSX2 1.6.0\Plugins\LilyPad.dll",#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:2032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads