Resubmissions

16-06-2024 14:53

240616-r9bqtsxdrd 7

Analysis

  • max time kernel
    122s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    16-06-2024 14:53

General

  • Target

    publish/Ryujinx.exe

  • Size

    59.2MB

  • MD5

    22147894a92b93e8c096721b901ec3d9

  • SHA1

    ea2fe5cc929edf3dd6f9ef5c85d03459af107abc

  • SHA256

    baaa3069ae7d7149f3062556ff12e9c8478bc88a74fb2b59cfa5a38ef91c05e6

  • SHA512

    648b3b349a2a4f2d5cb64a699be574f9fd54ff099b264a239a9596fa95ab05b0ff6692e4badaa80547fb290f0f8e003eb387ceb6388c94c82af9cb26b3c68fb0

  • SSDEEP

    393216:3kDkpjhB2dhe9Js2hzPPHpbK+n0GKq8PhHqqJquD/u:3PpO+RbPJbK+0GKqKIqJquD/u

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\publish\Ryujinx.exe
    "C:\Users\Admin\AppData\Local\Temp\publish\Ryujinx.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1520

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Ryujinx\bis\system\save\8000000000000000\ExtraData0
    Filesize

    512B

    MD5

    4ced1f31ead6b0568e8dca4c7932bdb4

    SHA1

    e91e39ddb09f3574053df2fc9803502dd4d0e711

    SHA256

    7cec1524d213e019e78955351e6c8aa9d46a03679363c4fca782054c23ee3da8

    SHA512

    449bbeab78d27e7e6136d902c1566c7308c458d5553b7dd191c3da697c671f2839ae83ab0ca1589f8d27febdadf902e3f76859294555de5d39ad8bb0be189cf4

  • C:\Users\Admin\AppData\Roaming\Ryujinx\bis\system\save\8000000000000000\ExtraData0
    Filesize

    512B

    MD5

    6d92289be7aba1d1b3962ace4000b13c

    SHA1

    1f64240aaee854253a3956643e94caabd4a7d4a3

    SHA256

    1d17c36ca470af095c58329fcb601fbb084b4e6f494eb73ba480e2a55bba36da

    SHA512

    db2aebf66ba476745af037abe1842bc8227d7e89b3eb532320e3cb3e82e501d787d16dbf122e673d83b8a3443ebf75925b8f056a32967da02b1a8730882f751a

  • memory/1520-0-0x0000000140377000-0x0000000140379000-memory.dmp
    Filesize

    8KB

  • memory/1520-29-0x0000000140377000-0x0000000140379000-memory.dmp
    Filesize

    8KB