Big_Motor
JOY_Close
JOY_init
Small_Motor
General
-
Target
ePSXe205.zip
-
Size
1.3MB
-
MD5
7cc7e05028bffd55f8c683a08d00b9c8
-
SHA1
d29f5279c901a2e8fd40674f3a9b585fcfd58c2a
-
SHA256
46e1a7ad3dc9c75763440c153465cdccc9a3ba367e3158542953ece4bcdb7b4f
-
SHA512
93d4f1c022d58dc9f0a60b6184c493bbfa9e9fd9f0b343baa8ae48c1d5f66c0e40407f296cd862588978e4ee0e35c31a113df37f7aab5056a540be578182729f
-
SSDEEP
24576:hKPRaql/4QbMwhDs5rLEysSVBTRFmiReFQK34UfhQ+8dJ2uSE6NyxZh:hQRaCNzDmsSb1FKFcUpQ/d4uSJKZh
Score
7/10
Malware Config
Signatures
-
resource yara_rule static1/unpack001/ePSXe.exe upx -
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/burutter.dll unpack001/ePSXe.exe unpack002/out.upx
Files
-
ePSXe205.zip.zip
-
bios/erase.me
-
burutter.dll.dll windows:4 windows x86 arch:x86
b9f9eecfd4d123f220ade5a5daf5994b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetEnvironmentStrings
OutputDebugStringA
CloseHandle
DeviceIoControl
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
CreateFileA
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind
Exports
Exports
Sections
.text Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
cheats/erase.me
-
config/erase.me
-
covers/erase.me
-
docs/ePSXe_en.txt
-
docs/ePSXe_sp.txt
-
ePSXe.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 22.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 187KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.0MB - Virtual size: 19.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 13B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 143KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
epsxe.chm.chm
-
idx/erase.me
-
info/erase.me
-
isos/erase.me
-
memcards/delete.me
-
memcards/games/delete.me
-
patches/erase.me
-
plugins/remove.me
-
shaders/gpucore/delete.me
-
shaders/ogl2/erase.me
-
snap/kill.me
-
sstates/punch.me