PSeMu3.exe

PS3 Emulator 1.3.3.9

playstation3emulator.net

The executable PSeMu3.exe has been detected as malware by 9 anti-virus scanners. While running, it connects to the Internet address PROXYSHIELD.gigeservers.net on port 80 using the HTTP protocol.
Publisher: playstation3emulator.net
Product: PS3 Emulator 1.3.3.9
Description: PSeMu3
Version: 1.3.3.9
MD5: e07a6c32a84a3984ed249dd8a3088571
SHA-1: a1aa63cc836e6a7656652367adc7d8b4ad6b7cf3
SHA-256: db4b529893cca5291fa37837da4028b02eb4d0b951d30498bb2e89bd44d23cc3
Scanner detections: 9 / 68
Status: Malware
Analysis date: 4/25/2024 9:19:23 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Generic.1310944 | 594 |
| Arcabit | Application.Generic.D1400E0 | 1.0.0.425 |
| Bitdefender | Application.Generic.1310944 | 1.0.20.855 |
| Comodo Security | UnclassifiedMalware | 22330 |
| ESET NOD32 | MSIL/Hoax.Agent.NAP (variant) | 9.11732 |
| F-Secure | Application.Generic.1310944 | 11.2015-20-06_7 |
| G Data | Application.Generic.1310944 | 15.6.25 |
| MicroWorld eScan | Application.Generic.1310944 | 16.0.0.513 |
| Trend Micro House Call | Suspicious_GEN.F47V0506 | 7.2.171 |

File size: 115 KB (117,760 bytes)
Product version: 1.3.3.9
Copyright: playstation3emulator.net
Original file name: PSeMu3.exe
File type: Executable application (Win32 EXE)
Language: Language Neutral
Common path: C:\Program Files\psemu3\psemu3.exe

File PE Metadata

Compilation timestamp: 4/12/2015 8:55:59 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 11.0
.NET CLR dependent: Yes
CTPH (ssdeep): 1536:eIlq//1xbl/oatD1DUsO8PawS+L24JW3:NU/txbBoatD1DU6PawS+dJW
Entry address: 0x1979E


Entropy: 6.3246
Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 94 KB (96,256 bytes)

While running, the file has been observed making the following network connections in live environments.

TCP (HTTP): Connects to PROXYSHIELD.gigeservers.net (66.252.2.22:80)
