Malware Analysis Report

2024-12-07 16:14

Sample ID 241113-npbzba1fll
Target ryujinx-mirror-master.zip
SHA256 45af609435baff9823a386d496189c8318b7cc4edd58cea981ef24578a8ad059
Tags
discovery execution persistence
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral31

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral12

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral21

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral22

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral23

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral28

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral17

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral19

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral14

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral15

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral16

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral20

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral29

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral18

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral30

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral13

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral24

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral25

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral26

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral27

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral32

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

SHA256

45af609435baff9823a386d496189c8318b7cc4edd58cea981ef24578a8ad059

Threat Level: Likely benign

The file ryujinx-mirror-master.zip was found to be: Likely benign.

Malicious Activity Summary

discovery execution persistence

Reads CPU attributes

Creates .desktop file

Unsigned PE

Reads runtime system information

Writes file to tmp directory

Enumerates physical storage devices

System Location Discovery: System Language Discovery

System Network Configuration Discovery

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-13 11:34

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

129s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh

[/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

/usr/bin/realpath

[realpath /tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 151.101.1.91:443 tcp
GB 185.125.188.61:443 tcp
GB 185.125.188.61:443 tcp
US 151.101.1.91:443 tcp
GB 89.187.167.7:443 tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-armhf-20240611-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh

[/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

/usr/bin/realpath

[realpath /tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

Network

N/A

Files

N/A

Analysis: behavioral31

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsbe-20240611-en

Max time kernel

3s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh]

Signatures

Reads CPU attributes

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/online /sbin/sysctl N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /sbin/sysctl N/A
File opened for reading /proc/sys/kernel/osrelease /sbin/sysctl N/A

System Network Configuration Discovery

discovery
Description Indicator Process Target
N/A N/A /usr/bin/arch N/A
N/A N/A /tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh

[/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh]

/bin/uname

[uname -m]

/sbin/sysctl

[sysctl -in sysctl.proc_translated]

/usr/bin/arch

[arch -mips {0} {1}]

Network

N/A

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsel-20240226-en

Max time kernel

4s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

Signatures

Creates .desktop file

persistence execution
Description Indicator Process Target
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop /bin/cp N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop /bin/cp N/A
File opened for modification /tmp/ryujinx-mirror-master/AppDir/AppRun /bin/cp N/A
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.svg /bin/cp N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

/bin/readlink

[readlink -f /tmp/ryujinx-mirror-master/distribution/linux/appimage]

/bin/rm

[rm -rf AppDir]

/bin/mkdir

[mkdir -p AppDir/usr/bin]

/bin/cp

[cp distribution/linux/Ryujinx.desktop AppDir/Ryujinx.desktop]

/bin/cp

[cp distribution/linux/appimage/AppRun AppDir/AppRun]

/bin/cp

[cp distribution/misc/Logo.svg AppDir/Ryujinx.svg]

/bin/cp

[cp -r publish/* AppDir/usr/bin/]

Network

N/A

Files

/tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop

MD5 870af77d115b10ca5e0254bd723b6e47
SHA1 30979dd8c3988faaf5db82ff61cd8572cc7d4a16
SHA256 a19dc6e539931df63d4813f787c51f460cf72e0c44b20add1c0c6ef56c47d840
SHA512 6b717be5417f0592ce12bf02c14ac905677a1aa72cab81d0cab5dd397d2a40fe9bbd7fdaa289072fe4e482bd102c11f4b1dacec16ad706df4ba37d2908020f27

/tmp/ryujinx-mirror-master/AppDir/AppRun

MD5 902aa5e1030864b07dd970bdd4084b36
SHA1 34bdade1ec19cb81d83aff70d2955c9b1a976c4b
SHA256 bbe31cf20b833e15131527b16a5f1ce8419441f88a4ba43bbb188c88b2fb559c
SHA512 bb923dfd26120e140082adc72220e54a5020e26813f75414225811e067b8e9117dba2bf08eac4566d62eabc99b305b9c2eab1ce30c785cc3c804d612f45caa78

Analysis: behavioral21

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

131s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.1.91:443 tcp
US 151.101.1.91:443 tcp
GB 195.181.164.14:443 tcp

Files

N/A

Analysis: behavioral22

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

debian9-armhf-20240418-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh]

Network

N/A

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsbe-20240729-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh]

Network

N/A

Files

N/A

Analysis: behavioral28

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsel-20240418-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh]

Network

N/A

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsbe-20240418-en

Max time kernel

2s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

Signatures

Creates .desktop file

persistence execution
Description Indicator Process Target
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop /bin/cp N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop /bin/cp N/A
File opened for modification /tmp/ryujinx-mirror-master/AppDir/AppRun /bin/cp N/A
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.svg /bin/cp N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

/bin/readlink

[readlink -f /tmp/ryujinx-mirror-master/distribution/linux/appimage]

/bin/rm

[rm -rf AppDir]

/bin/mkdir

[mkdir -p AppDir/usr/bin]

/bin/cp

[cp distribution/linux/Ryujinx.desktop AppDir/Ryujinx.desktop]

/bin/cp

[cp distribution/linux/appimage/AppRun AppDir/AppRun]

/bin/cp

[cp distribution/misc/Logo.svg AppDir/Ryujinx.svg]

/bin/cp

[cp -r publish/* AppDir/usr/bin/]

Network

N/A

Files

/tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop

MD5 870af77d115b10ca5e0254bd723b6e47
SHA1 30979dd8c3988faaf5db82ff61cd8572cc7d4a16
SHA256 a19dc6e539931df63d4813f787c51f460cf72e0c44b20add1c0c6ef56c47d840
SHA512 6b717be5417f0592ce12bf02c14ac905677a1aa72cab81d0cab5dd397d2a40fe9bbd7fdaa289072fe4e482bd102c11f4b1dacec16ad706df4ba37d2908020f27

/tmp/ryujinx-mirror-master/AppDir/AppRun

MD5 902aa5e1030864b07dd970bdd4084b36
SHA1 34bdade1ec19cb81d83aff70d2955c9b1a976c4b
SHA256 bbe31cf20b833e15131527b16a5f1ce8419441f88a4ba43bbb188c88b2fb559c
SHA512 bb923dfd26120e140082adc72220e54a5020e26813f75414225811e067b8e9117dba2bf08eac4566d62eabc99b305b9c2eab1ce30c785cc3c804d612f45caa78

Analysis: behavioral17

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

131s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh]

Signatures

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh]

/bin/rm

[rm -rf /Ryujinx.app]

/bin/mkdir

[mkdir -p /Ryujinx.app/Contents]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/Frameworks]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/MacOS]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/Resources]

/bin/cp

[cp /Ryujinx /Ryujinx.app/Contents/MacOS/Ryujinx]

Network

Country Destination Domain Proto
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.193.91:443 tcp
US 151.101.193.91:443 tcp
N/A 224.0.0.251:5353 udp
GB 89.187.167.3:443 tcp

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsbe-20240418-en

Max time kernel

1s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh]

Signatures

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh]

/bin/rm

[rm -rf /Ryujinx.app]

/bin/mkdir

[mkdir -p /Ryujinx.app/Contents]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/Frameworks]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/MacOS]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/Resources]

/bin/cp

[cp /Ryujinx /Ryujinx.app/Contents/MacOS/Ryujinx]

Network

N/A

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsel-20240729-en

Max time kernel

3s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh

[/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

/usr/bin/realpath

[realpath /tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

Network

N/A

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

win10v2004-20241007-en

Max time kernel

130s

Max time network

153s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\bundle_fix_up.py

Signatures

Enumerates physical storage devices

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000_Classes\Local Settings C:\Windows\system32\cmd.exe N/A
Key created \REGISTRY\USER\S-1-5-21-493223053-2004649691-1575712786-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\bundle_fix_up.py

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

Network

Country Destination Domain Proto
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 72.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 56.163.245.4.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 73.208.201.84.in-addr.arpa udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

win7-20240903-en

Max time kernel

121s

Max time network

124s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\construct_universal_dylib.py

Signatures

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3533259084-2542256011-65585152-1000_Classes\Local Settings C:\Windows\system32\rundll32.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\construct_universal_dylib.py

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\construct_universal_dylib.py

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\construct_universal_dylib.py"

Network

N/A

Files

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

MD5 f51e4095bd43cf5b8a6957f937f6c242
SHA1 6cf4acdfc095fc7961b2c9ff9d3e98def410b425
SHA256 b54fc3fc8b0121a7256aa1951bba574e170a10dc118d5092e64e30d6ef216f43
SHA512 22f2969f15f9d56d3f5838095a095f1821e320ae74e8f41424aec2690b7975fbf786222be5c9226e929698a042d3dd5b0eb12b8ae242a69a29dc930808c0200e

Analysis: behavioral16

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

win10v2004-20241007-en

Max time kernel

147s

Max time network

152s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\construct_universal_dylib.py

Signatures

Enumerates physical storage devices

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings C:\Windows\system32\cmd.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\construct_universal_dylib.py

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 22.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 53.210.109.20.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 22.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 215.143.182.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

131s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

/bin/readlink

[readlink -f /tmp/ryujinx-mirror-master/distribution/linux/appimage]

/tmp/ryujinx-mirror-master/distribution/linux/appimage/usr/bin/Ryujinx.sh

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/usr/bin/Ryujinx.sh]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 185.125.188.61:443 tcp
GB 185.125.188.61:443 tcp
US 151.101.193.91:443 tcp
US 151.101.193.91:443 tcp
GB 89.187.167.6:443 tcp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-armhf-20240611-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

/bin/readlink

[readlink -f /tmp/ryujinx-mirror-master/distribution/linux/appimage]

/tmp/ryujinx-mirror-master/distribution/linux/appimage/usr/bin/Ryujinx.sh

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/usr/bin/Ryujinx.sh]

Network

N/A

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsel-20240729-en

Max time kernel

1s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh]

Signatures

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/cp N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh]

/bin/rm

[rm -rf /Ryujinx.app]

/bin/mkdir

[mkdir -p /Ryujinx.app/Contents]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/Frameworks]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/MacOS]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/Resources]

/bin/cp

[cp /Ryujinx /Ryujinx.app/Contents/MacOS/Ryujinx]

Network

N/A

Files

N/A

Analysis: behavioral29

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

131s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh]

Signatures

System Network Configuration Discovery

discovery
Description Indicator Process Target
N/A N/A /tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh

[/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh]

/bin/uname

[uname -m]

/sbin/sysctl

[sysctl -in sysctl.proc_translated]

/usr/bin/arch

[arch -x86_64 {0} {1}]

Network

Country Destination Domain Proto
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.193.91:443 tcp
US 151.101.193.91:443 tcp
N/A 224.0.0.251:5353 udp
GB 89.187.167.3:443 tcp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsbe-20240418-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

/bin/readlink

[readlink -f /tmp/ryujinx-mirror-master/distribution/linux/appimage]

/tmp/ryujinx-mirror-master/distribution/linux/appimage/usr/bin/Ryujinx.sh

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/usr/bin/Ryujinx.sh]

Network

N/A

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsel-20240729-en

Max time kernel

27s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/appimage/AppRun]

/bin/readlink

[readlink -f /tmp/ryujinx-mirror-master/distribution/linux/appimage]

/tmp/ryujinx-mirror-master/distribution/linux/appimage/usr/bin/Ryujinx.sh

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/usr/bin/Ryujinx.sh]

Network

N/A

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

130s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

Signatures

Creates .desktop file

persistence execution
Description Indicator Process Target
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop /bin/cp N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop /bin/cp N/A
File opened for modification /tmp/ryujinx-mirror-master/AppDir/AppRun /bin/cp N/A
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.svg /bin/cp N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

/bin/readlink

[readlink -f /tmp/ryujinx-mirror-master/distribution/linux/appimage]

/bin/rm

[rm -rf AppDir]

/bin/mkdir

[mkdir -p AppDir/usr/bin]

/bin/cp

[cp distribution/linux/Ryujinx.desktop AppDir/Ryujinx.desktop]

/bin/cp

[cp distribution/linux/appimage/AppRun AppDir/AppRun]

/bin/cp

[cp distribution/misc/Logo.svg AppDir/Ryujinx.svg]

/bin/cp

[cp -r publish/* AppDir/usr/bin/]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.193.91:443 tcp
US 151.101.193.91:443 tcp
GB 195.181.164.14:443 tcp

Files

/tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop

MD5 870af77d115b10ca5e0254bd723b6e47
SHA1 30979dd8c3988faaf5db82ff61cd8572cc7d4a16
SHA256 a19dc6e539931df63d4813f787c51f460cf72e0c44b20add1c0c6ef56c47d840
SHA512 6b717be5417f0592ce12bf02c14ac905677a1aa72cab81d0cab5dd397d2a40fe9bbd7fdaa289072fe4e482bd102c11f4b1dacec16ad706df4ba37d2908020f27

/tmp/ryujinx-mirror-master/AppDir/AppRun

MD5 902aa5e1030864b07dd970bdd4084b36
SHA1 34bdade1ec19cb81d83aff70d2955c9b1a976c4b
SHA256 bbe31cf20b833e15131527b16a5f1ce8419441f88a4ba43bbb188c88b2fb559c
SHA512 bb923dfd26120e140082adc72220e54a5020e26813f75414225811e067b8e9117dba2bf08eac4566d62eabc99b305b9c2eab1ce30c785cc3c804d612f45caa78

Analysis: behavioral18

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-armhf-20240611-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh]

Signatures

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/cp N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_app_bundle.sh]

/bin/rm

[rm -rf /Ryujinx.app]

/bin/mkdir

[mkdir -p /Ryujinx.app/Contents]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/Frameworks]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/MacOS]

/bin/mkdir

[mkdir /Ryujinx.app/Contents/Resources]

/bin/cp

[cp /Ryujinx /Ryujinx.app/Contents/MacOS/Ryujinx]

Network

N/A

Files

N/A

Analysis: behavioral30

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

debian9-armhf-20240729-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh]

Signatures

Reads CPU attributes

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/online /sbin/sysctl N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /sbin/sysctl N/A
File opened for reading /proc/sys/kernel/osrelease /sbin/sysctl N/A

System Network Configuration Discovery

discovery
Description Indicator Process Target
N/A N/A /tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh

[/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh]

/bin/uname

[uname -m]

/sbin/sysctl

[sysctl -in sysctl.proc_translated]

/usr/bin/arch

[arch -armv7l {0} {1}]

Network

N/A

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

debian9-mipsbe-20240611-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh

[/tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

/usr/bin/realpath

[realpath /tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/Ryujinx.sh]

Network

N/A

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-armhf-20240611-en

Max time kernel

1s

Command Line

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

Signatures

Creates .desktop file

persistence execution
Description Indicator Process Target
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop /bin/cp N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /bin/mkdir N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A
File opened for reading /proc/filesystems /bin/cp N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop /bin/cp N/A
File opened for modification /tmp/ryujinx-mirror-master/AppDir/AppRun /bin/cp N/A
File opened for modification /tmp/ryujinx-mirror-master/AppDir/Ryujinx.svg /bin/cp N/A

Processes

/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh

[/tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

/usr/bin/dirname

[dirname /tmp/ryujinx-mirror-master/distribution/linux/appimage/build-appimage.sh]

/bin/readlink

[readlink -f /tmp/ryujinx-mirror-master/distribution/linux/appimage]

/bin/rm

[rm -rf AppDir]

/bin/mkdir

[mkdir -p AppDir/usr/bin]

/bin/cp

[cp distribution/linux/Ryujinx.desktop AppDir/Ryujinx.desktop]

/bin/cp

[cp distribution/linux/appimage/AppRun AppDir/AppRun]

/bin/cp

[cp distribution/misc/Logo.svg AppDir/Ryujinx.svg]

/bin/cp

[cp -r publish/* AppDir/usr/bin/]

Network

N/A

Files

/tmp/ryujinx-mirror-master/AppDir/Ryujinx.desktop

MD5 870af77d115b10ca5e0254bd723b6e47
SHA1 30979dd8c3988faaf5db82ff61cd8572cc7d4a16
SHA256 a19dc6e539931df63d4813f787c51f460cf72e0c44b20add1c0c6ef56c47d840
SHA512 6b717be5417f0592ce12bf02c14ac905677a1aa72cab81d0cab5dd397d2a40fe9bbd7fdaa289072fe4e482bd102c11f4b1dacec16ad706df4ba37d2908020f27

/tmp/ryujinx-mirror-master/AppDir/AppRun

MD5 902aa5e1030864b07dd970bdd4084b36
SHA1 34bdade1ec19cb81d83aff70d2955c9b1a976c4b
SHA256 bbe31cf20b833e15131527b16a5f1ce8419441f88a4ba43bbb188c88b2fb559c
SHA512 bb923dfd26120e140082adc72220e54a5020e26813f75414225811e067b8e9117dba2bf08eac4566d62eabc99b305b9c2eab1ce30c785cc3c804d612f45caa78

Analysis: behavioral13

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

win7-20240903-en

Max time kernel

122s

Max time network

126s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\bundle_fix_up.py

Signatures

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000_Classes\Local Settings C:\Windows\system32\rundll32.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe N/A

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\bundle_fix_up.py

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\bundle_fix_up.py

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ryujinx-mirror-master\distribution\macos\bundle_fix_up.py"

Network

N/A

Files

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

MD5 dff87badd2fa1f86f264ec158c35e8f8
SHA1 d0f73f696a0e8b764e1eeb1eb2245f08244f957d
SHA256 4a437d5b76940ed8dccea888202e45a9f4a2245f1b91c9159676402e9ffc59b8
SHA512 a1c49a7109b6e101c86b7a76abb497a04d9e3e4d16378b7f5964e2fece2c07bdaa8faa345a88377790fa5ef663991df13c053b51ed53f78bb2c1e52bd935fce1

Analysis: behavioral24

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsel-20240611-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_ava.sh]

Network

N/A

Files

N/A

Analysis: behavioral25

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:36

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

131s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh]

Network

Country Destination Domain Proto
GB 185.125.188.61:443 tcp
GB 185.125.188.61:443 tcp
US 151.101.1.91:443 tcp
US 151.101.1.91:443 tcp
N/A 224.0.0.251:5353 udp
GB 195.181.164.17:443 tcp

Files

N/A

Analysis: behavioral26

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-armhf-20240611-en

Max time kernel

0s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh]

Network

N/A

Files

N/A

Analysis: behavioral27

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsbe-20240611-en

Max time kernel

4294966s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh]

Signatures

N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh

[/tmp/ryujinx-mirror-master/distribution/macos/create_macos_build_headless.sh]

Network

N/A

Files

N/A

Analysis: behavioral32

Detonation Overview

Submitted

2024-11-13 11:33

Reported

2024-11-13 11:37

Platform

debian9-mipsel-20240611-en

Max time kernel

2s

Command Line

[/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh]

Signatures

Reads CPU attributes

discovery
Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/online /sbin/sysctl N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/filesystems /sbin/sysctl N/A
File opened for reading /proc/sys/kernel/osrelease /sbin/sysctl N/A

System Network Configuration Discovery

discovery
Description Indicator Process Target
N/A N/A /tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh N/A
N/A N/A /usr/bin/arch N/A

Processes

/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh

[/tmp/ryujinx-mirror-master/distribution/macos/shortcut-launch-script.sh]

/bin/uname

[uname -m]

/sbin/sysctl

[sysctl -in sysctl.proc_translated]

/usr/bin/arch

[arch -mips {0} {1}]

Network

N/A

Files

N/A