Overview

overview

6

Static

static

6

AetherSX2 ...47.zip

windows7-x64

1

AetherSX2 ...47.zip

windows10-2004-x64

1

AetherSX2 ...47.apk

android-13-x64

1

CHD MAN An...S2.zip

windows7-x64

1

CHD MAN An...S2.zip

windows10-2004-x64

1

ISO or GDI to CHD.bat

windows7-x64

1

ISO or GDI to CHD.bat

windows10-2004-x64

1

chdman.exe

windows7-x64

1

chdman.exe

windows10-2004-x64

1

CODEBREAKE...er.elf

debian-9-mipsel

CodeBreake...00.zip

windows7-x64

1

CodeBreake...00.zip

windows10-2004-x64

1

GS.bin

windows7-x64

3

GS.bin

windows10-2004-x64

3

PAD.bin

windows7-x64

3

PAD.bin

windows10-2004-x64

3

PCSX2 Inte...es.dat

windows7-x64

3

PCSX2 Inte...es.dat

windows10-2004-x64

3

PCSX2 Save...ion.id

windows7-x64

3

PCSX2 Save...ion.id

windows10-2004-x64

3

SPU2.bin

windows7-x64

3

SPU2.bin

windows10-2004-x64

3

Scratchpad.bin

windows7-x64

3

Scratchpad.bin

windows10-2004-x64

3

Screenshot.png

windows7-x64

3

Screenshot.png

windows10-2004-x64

3

eeHwRegs.bin

windows7-x64

3

eeHwRegs.bin

windows10-2004-x64

3

eeMemory.bin

windows7-x64

3

eeMemory.bin

windows10-2004-x64

3

iopHwRegs.bin

windows7-x64

3

iopHwRegs.bin

windows10-2004-x64

3

Analysis

  • max time kernel
    51s
  • max time network
    58s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-06-2024 13:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eeMemory.bin

  • Size

    32.0MB

  • MD5

    12995a756ac8477d8b86e3f28b7cab19

  • SHA1

    bb6b02dd734b32a7cbe2bb3e0bb89a4cb43a6f8f

  • SHA256

    e5afe38c4a8da4ae62255370bcb6184cacb10e4f13bc0b06c1272c36360b459a

  • SHA512

    6e3c9bfafb95225361308ee015b07799058431b7c650104b6ad95b52b8ff885f00f2803a81507450e0f56ae3374e0191d02be81ac6d0becde8507399ac0dd6dd

  • SSDEEP

    393216:tXBoN2ca2/5NCCVEXJyppEWK8JctEWK8JcmNp:tuMQ5NCY4JD8JcM8Jcm

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\eeMemory.bin
    1⤵
    • Modifies registry class
    PID:3088
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2664

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads