Overview
overview
6Static
static
4pcsx2-v1.5...de.pdf
windows7-x64
1pcsx2-v1.5...de.pdf
windows10-2004-x64
1pcsx2-v1.5...L.html
windows7-x64
1pcsx2-v1.5...L.html
windows10-2004-x64
1pcsx2-v1.5...AQ.pdf
windows7-x64
1pcsx2-v1.5...AQ.pdf
windows10-2004-x64
1pcsx2-v1.5...x2.exe
windows7-x64
1pcsx2-v1.5...x2.exe
windows10-2004-x64
6pcsx2-v1.5...rk.dll
windows7-x64
1pcsx2-v1.5...rk.dll
windows10-2004-x64
1pcsx2-v1.5...ll.dll
windows7-x64
1pcsx2-v1.5...ll.dll
windows10-2004-x64
1pcsx2-v1.5...ll.dll
windows7-x64
1pcsx2-v1.5...ll.dll
windows10-2004-x64
1pcsx2-v1.5...X2.dll
windows7-x64
1pcsx2-v1.5...X2.dll
windows10-2004-x64
1pcsx2-v1.5...E2.dll
windows7-x64
1pcsx2-v1.5...E2.dll
windows10-2004-x64
1pcsx2-v1.5...E4.dll
windows7-x64
1pcsx2-v1.5...E4.dll
windows10-2004-x64
1pcsx2-v1.5...ad.dll
windows7-x64
1pcsx2-v1.5...ad.dll
windows10-2004-x64
1pcsx2-v1.5...-X.dll
windows7-x64
1pcsx2-v1.5...-X.dll
windows10-2004-x64
1pcsx2-v1.5...ll.dll
windows7-x64
1pcsx2-v1.5...ll.dll
windows10-2004-x64
1pcsx2-v1.5...rz.dll
windows7-x64
1pcsx2-v1.5...rz.dll
windows10-2004-x64
1pcsx2-v1.5...ay.cmd
windows7-x64
1pcsx2-v1.5...ay.cmd
windows10-2004-x64
1Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
12-06-2024 19:17
Behavioral task
behavioral1
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/docs/Configuration_Guide.pdf
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral2
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/docs/Configuration_Guide.pdf
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/docs/GPL.html
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral4
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/docs/GPL.html
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/docs/PCSX2_FAQ.pdf
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral6
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/docs/PCSX2_FAQ.pdf
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/pcsx2.exe
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral8
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/pcsx2.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/DEV9ghzdrk.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral10
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/DEV9ghzdrk.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/DEV9null.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral12
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/DEV9null.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/FWnull.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral14
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/FWnull.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/GSdx32-AVX2.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral16
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/GSdx32-AVX2.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/GSdx32-SSE2.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral18
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/GSdx32-SSE2.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/GSdx32-SSE4.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral20
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/GSdx32-SSE4.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/LilyPad.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral22
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/LilyPad.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/Spu2-X.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral24
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/Spu2-X.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/USBnull.dll
Resource
win7-20240611-en
windows7-x64
Behavioral task
behavioral26
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/USBnull.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/cdvdGigaherz.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral28
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/cdvdGigaherz.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/run_spu2_replay.cmd
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral30
Sample
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/run_spu2_replay.cmd
Resource
win10v2004-20240508-en
windows10-2004-x64
General
-
Target
pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86/plugins/GSdx32-AVX2.dll
-
Size
2.1MB
-
MD5
5b9cfc364145855b1405d6b3201c6cf3
-
SHA1
ef27b0772282e2ce40b559181c31442e0aad13d3
-
SHA256
931ce6411ee223896ceb99bb05ba10591ac9bf34f732555b99715697cad15191
-
SHA512
d3b00a29a6a98fb014936663b30f47e9d77b1f9f1e2025c5d186fc9c9a80505a20bc49c7f7590930e287d75afe2a1b6a7abe273baa6356059563734dc0411896
-
SSDEEP
49152:pINsFYuC1Dy9P3LLBITYFNeI0Rj+60kJVi10M03IvPJ60JU0WJ46rI9q:dFY1DICI
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1508 wrote to memory of 1604 1508 rundll32.exe 28 PID 1508 wrote to memory of 1604 1508 rundll32.exe 28 PID 1508 wrote to memory of 1604 1508 rundll32.exe 28 PID 1508 wrote to memory of 1604 1508 rundll32.exe 28 PID 1508 wrote to memory of 1604 1508 rundll32.exe 28 PID 1508 wrote to memory of 1604 1508 rundll32.exe 28 PID 1508 wrote to memory of 1604 1508 rundll32.exe 28
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86\plugins\GSdx32-AVX2.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:1508 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\pcsx2-v1.5.0-dev-3390-g2c4af87e1-windows-x86\plugins\GSdx32-AVX2.dll,#12⤵PID:1604
-