Overview (overview): 7
Static (static): 3
publish/OpenAL32.dll (windows7-x64): 1
publish/OpenAL32.dll (windows10-2004-x64): 1
publish/Ry...va.exe (windows7-x64): 7
publish/Ry...va.exe (windows10-2004-x64): 7
publish/Ryujinx.exe (windows7-x64): 1
publish/Ryujinx.exe (windows10-2004-x64): 7
publish/SDL2.dll (windows7-x64): 1
publish/SDL2.dll (windows10-2004-x64): 1
publish/av...v2.dll (windows7-x64): 1
publish/av...v2.dll (windows10-2004-x64): 1
publish/av...59.dll (windows7-x64): 1
publish/av...59.dll (windows10-2004-x64): 1
publish/avutil-57.dll (windows7-x64): 1
publish/avutil-57.dll (windows10-2004-x64): 1
publish/glfw3.dll (windows7-x64): 1
publish/glfw3.dll (windows10-2004-x64): 1
publish/li...rp.dll (windows7-x64): 1
publish/li...rp.dll (windows10-2004-x64): 1
publish/li...rp.dll (windows7-x64): 1
publish/li...rp.dll (windows10-2004-x64): 1
publish/li....dylib (macos-10.15-amd64): 1
publish/li...io.dll (windows7-x64): 1
publish/li...io.dll (windows10-2004-x64): 1

Resubmissions
16-06-2024 14:53, 240616-r9bqtsxdrd: 7

Analysis
max time kernel: 122s
max time network: 139s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 16-06-2024 14:53

Static task: static1
Behavioral task behavioral1: sample publish/OpenAL32.dll, resource win7-20240221-en
Behavioral task behavioral2: sample publish/OpenAL32.dll, resource win10v2004-20240508-en
Behavioral task behavioral3: sample publish/Ryujinx.Ava.exe, resource win7-20231129-en
Behavioral task behavioral4: sample publish/Ryujinx.Ava.exe, resource win10v2004-20240611-en
Behavioral task behavioral5: sample publish/Ryujinx.exe, resource win7-20240611-en
Behavioral task behavioral6: sample publish/Ryujinx.exe, resource win10v2004-20240611-en
Behavioral task behavioral7: sample publish/SDL2.dll, resource win7-20240221-en
Behavioral task behavioral8: sample publish/SDL2.dll, resource win10v2004-20240508-en
Behavioral task behavioral9: sample publish/av_libglesv2.dll, resource win7-20240508-en
Behavioral task behavioral10: sample publish/av_libglesv2.dll, resource win10v2004-20240611-en
Behavioral task behavioral11: sample publish/avcodec-59.dll, resource win7-20240221-en
Behavioral task behavioral12: sample publish/avcodec-59.dll, resource win10v2004-20240508-en
Behavioral task behavioral13: sample publish/avutil-57.dll, resource win7-20240611-en
Behavioral task behavioral14: sample publish/avutil-57.dll, resource win10v2004-20240508-en
Behavioral task behavioral15: sample publish/glfw3.dll, resource win7-20240508-en
Behavioral task behavioral16: sample publish/glfw3.dll, resource win10v2004-20240226-en
Behavioral task behavioral17: sample publish/libHarfBuzzSharp.dll, resource win7-20240611-en
Behavioral task behavioral18: sample publish/libHarfBuzzSharp.dll, resource win10v2004-20240611-en
Behavioral task behavioral19: sample publish/libSkiaSharp.dll, resource win7-20240508-en
Behavioral task behavioral20: sample publish/libSkiaSharp.dll, resource win10v2004-20240611-en
Behavioral task behavioral21: sample publish/libarmeilleure-jitsupport.dylib, resource macos-20240611-en
Behavioral task behavioral22: sample publish/libsoundio.dll, resource win7-20240508-en
Behavioral task behavioral23: sample publish/libsoundio.dll, resource win10v2004-20240611-en

General
Target: publish/Ryujinx.exe
Size: 59.2MB
MD5: 22147894a92b93e8c096721b901ec3d9
SHA1: ea2fe5cc929edf3dd6f9ef5c85d03459af107abc
SHA256: baaa3069ae7d7149f3062556ff12e9c8478bc88a74fb2b59cfa5a38ef91c05e6
SHA512: 648b3b349a2a4f2d5cb64a699be574f9fd54ff099b264a239a9596fa95ab05b0ff6692e4badaa80547fb290f0f8e003eb387ceb6388c94c82af9cb26b3c68fb0
SSDEEP: 393216:3kDkpjhB2dhe9Js2hzPPHpbK+n0GKq8PhHqqJquD/u:3PpO+RbPJbK+0GKqKIqJquD/u

Malware Config
Signatures

Suspicious use of AdjustPrivilegeToken (1 IoCs)
Processes: Ryujinx.exe
description: Token: SeDebugPrivilege; pid: 1520; process: Ryujinx.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: Ryujinx.exe
pid: 1520; process: Ryujinx.exe

Processes
Network
MITRE ATT&CK Matrix
Downloads

C:\Users\Admin\AppData\Roaming\Ryujinx\bis\system\save\8000000000000000\ExtraData0
Filesize: 512B
MD5: 4ced1f31ead6b0568e8dca4c7932bdb4
SHA1: e91e39ddb09f3574053df2fc9803502dd4d0e711
SHA256: 7cec1524d213e019e78955351e6c8aa9d46a03679363c4fca782054c23ee3da8
SHA512: 449bbeab78d27e7e6136d902c1566c7308c458d5553b7dd191c3da697c671f2839ae83ab0ca1589f8d27febdadf902e3f76859294555de5d39ad8bb0be189cf4

C:\Users\Admin\AppData\Roaming\Ryujinx\bis\system\save\8000000000000000\ExtraData0
Filesize: 512B
MD5: 6d92289be7aba1d1b3962ace4000b13c
SHA1: 1f64240aaee854253a3956643e94caabd4a7d4a3
SHA256: 1d17c36ca470af095c58329fcb601fbb084b4e6f494eb73ba480e2a55bba36da
SHA512: db2aebf66ba476745af037abe1842bc8227d7e89b3eb532320e3cb3e82e501d787d16dbf122e673d83b8a3443ebf75925b8f056a32967da02b1a8730882f751a

memory/1520-0-0x0000000140377000-0x0000000140379000-memory.dmp
Filesize: 8KB

memory/1520-29-0x0000000140377000-0x0000000140379000-memory.dmp
Filesize: 8KB