File name:

x360ce.exe

Full analysis: https://app.any.run/tasks/41033a09-518a-49d0-93e8-b1dea65ecbac
Verdict: Malicious activity
Analysis date: December 30, 2020, 21:20:11
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:
installer
Indicators:
MIME: application/x-dosexec
File info: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5:

BE80F3348B240BCEE1AA96D33FE0E768

SHA1:

40EA5DE9A7A15F6E0D891CD1BA4BCA8519BB85ED

SHA256:

74FAF334CB0BDD3E9DFAB8C323D4EB3B9B089BCAADC7DBD639D9AA93A4F6F829

SSDEEP:

196608:n+/7/fO/vBSVnf+viDyJBwhsCArf+viDyJBQhsCAaIF/f+viDyJBaF9hsCA6EJ0k:nX/vu0Bwhs8vu0BQhsvFOvu0BaF9hsR

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    • Creates files in the program directory

      • x360ce.exe (PID: 2864)

    • Reads internet explorer settings

      • x360ce.exe (PID: 2864)

    • Searches for installed software

      • x360ce.exe (PID: 2864)

  • INFO

    No info indicators.
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | InstallShield setup (50.1)
.exe | Win64 Executable (generic) (32.2)
.dll | Win32 Dynamic Link Library (generic) (7.6)
.exe | Win32 Executable (generic) (5.2)
.exe | Generic Win/DOS Executable (2.3)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2020:11:15 18:43:55+01:00
PEType: PE32
LinkerVersion: 48
CodeSize: 15299584
InitializedDataSize: 150016
UninitializedDataSize: -
EntryPoint: 0xe99302
OSVersion: 4
ImageVersion: -
SubsystemVersion: 6
Subsystem: Windows GUI
FileVersionNumber: 4.17.15.0
ProductVersionNumber: 4.17.15.0
FileFlagsMask: 0x003f
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: Neutral
CharacterSet: Unicode
Comments: Wrapper library that translates XInput calls to DirectInput calls, for support old, no XInput compatible gamepads.
CompanyName: Jocys.com
FileDescription: Jocys.com X360 Controller Emulator
FileVersion: 4.17.15.0
InternalName: x360ce.exe
LegalCopyright: Copyright © Jocys.com 2020
LegalTrademarks: -
OriginalFileName: x360ce.exe
ProductName: X360 Controller Emulator
ProductVersion: 4.17.15.0
AssemblyVersion: 4.17.15.0

Summary

Architecture: IMAGE_FILE_MACHINE_I386
Subsystem: IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date: 15-Nov-2020 17:43:55
Debug artifacts:
  • x360ce.pdb
Comments: Wrapper library that translates XInput calls to DirectInput calls, for support old, no XInput compatible gamepads.
CompanyName: Jocys.com
FileDescription: Jocys.com X360 Controller Emulator
FileVersion: 4.17.15.0
InternalName: x360ce.exe
LegalCopyright: Copyright © Jocys.com 2020
LegalTrademarks: -
OriginalFilename: x360ce.exe
ProductName: X360 Controller Emulator
ProductVersion: 4.17.15.0
Assembly Version: 4.17.15.0

DOS Header

Magic number: MZ
Bytes on last page of file: 0x0090
Pages in file: 0x0003
Relocations: 0x0000
Size of header: 0x0004
Min extra paragraphs: 0x0000
Max extra paragraphs: 0xFFFF
Initial SS value: 0x0000
Initial SP value: 0x00B8
Checksum: 0x0000
Initial IP value: 0x0000
Initial CS value: 0x0000
Overlay number: 0x0000
OEM identifier: 0x0000
OEM information: 0x0000
Address of NE header: 0x00000080

PE Headers

Signature: PE
Machine: IMAGE_FILE_MACHINE_I386
Number of sections: 3
Time date stamp: 15-Nov-2020 17:43:55
Pointer to Symbol Table: 0x00000000
Number of symbols: 0
Size of Optional Header: 0x00E0
Characteristics:
  • IMAGE_FILE_EXECUTABLE_IMAGE
  • IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Name
Virtual Address
Virtual Size
Raw Size
Charateristics
Entropy
.text
0x00002000
0x00E97388
0x00E97400
IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
7.83642
.rsrc
0x00E9A000
0x00024674
0x00024800
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
7.54516
.reloc
0x00EC0000
0x0000000C
0x00000200
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
0.10191

Resources

Title
Entropy
Size
Codepage
Language
Type
1
5.00112
490
UNKNOWN
UNKNOWN
RT_MANIFEST
2
3.08832
1640
UNKNOWN
UNKNOWN
RT_ICON
3
3.36053
744
UNKNOWN
UNKNOWN
RT_ICON
4
3.39277
488
UNKNOWN
UNKNOWN
RT_ICON
5
3.21606
296
UNKNOWN
UNKNOWN
RT_ICON
6
7.98706
40752
UNKNOWN
UNKNOWN
RT_ICON
7
4.75134
3752
UNKNOWN
UNKNOWN
RT_ICON
8
5.57652
2216
UNKNOWN
UNKNOWN
RT_ICON
9
5.95419
1736
UNKNOWN
UNKNOWN
RT_ICON
10
4.69682
1384
UNKNOWN
UNKNOWN
RT_ICON

Imports

mscoree.dll
No data.
screenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
33
Monitored processes
1
Malicious processes
1
Suspicious processes
0

Behavior graph

Click at the process to see the details
start x360ce.exe

Process information

PID
CMD
Path
Indicators
Parent process
2864"C:\Users\admin\AppData\Local\Temp\x360ce.exe" C:\Users\admin\AppData\Local\Temp\x360ce.exe
explorer.exe
User:
admin
Company:
Jocys.com
Integrity Level:
MEDIUM
Description:
Jocys.com X360 Controller Emulator
Exit code:
0
Version:
4.17.15.0
Modules
Images
c:\users\admin\appdata\local\temp\x360ce.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll
Total events
398
Read events
398
Write events
0
Delete events
0

Modification events

No data
Executable files
0
Suspicious files
0
Text files
12
Unknown types
0

Dropped files

PID
Process
Filename
Type
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.UserGames.xmltext
MD5:
SHA256:
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.Options.xmltext
MD5:0345954272C3992AA160F10A89DAF02C
SHA256:758CFD9446A8850B43C974344C1B464B77D2A825D2771D65FBDDEB040B0EBA14
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.Programs.xmltext
MD5:FF3EE9530247EFA888D7A24611B1BDCD
SHA256:57C26E543061F382AA15F2621C0891BD7428424CA49D6155B0257CE2AE83277C
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.UserSettings.xmltext
MD5:9D099E80ECF73BE1610855B3A84EC8B5
SHA256:A30B3506B24AD894638E6995FD7E0D257F4A5378B7F8105298D56C996EAD9493
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.Presets.xmltext
MD5:E22EF49BE69AF14AAA588938A80FFB3C
SHA256:D874CCA7E90E93FBD217C3924E5F01FE7DD5B92D83456C0B86284AB1693B923F
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.Summaries.xmltext
MD5:86EF143234C7C15066AE67732A42A257
SHA256:352789A74CB6D9187BFEDED112F8A780E9A5F59D0BD713F896A9AF736C4CCA92
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.UserMacros.xmltext
MD5:8737567F5B4A25C6F1FD0F37803C5E1F
SHA256:6BEB7E262E173440ED8B59EEB1B376D8B6D4DFF15CE01E4979221202ADE75A9D
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.Layouts.xmltext
MD5:E6C10E8851EB987D3FBF5F146066870A
SHA256:A61D1C2E1AC1EC273A40B1069A31E15C3FCA76F9792E2B0C156B124A4A7C32FA
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.PadSettings.xmltext
MD5:518B7E8043729212AEF492310F8CF421
SHA256:9AA4B9AC4E8A18BB2C9ECE24E007171B19999CBAC70A6567D171811599010732
2864x360ce.exeC:\ProgramData\X360CE\Settings\x360ce.UserDevices.xmltext
MD5:C59E2E26ABA4EB3B1C699838DD452276
SHA256:613E34FD780F73E981004D0B3AF9D6F39C86438B3B665DFFC230A9F852A206FC
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

No data

DNS requests

No data

Threats

No threats detected
Process
Message
x360ce.exe
InitializeServices
x360ce.exe
InitializeServices
x360ce.exe
x360ce.exe Information: 0 :
x360ce.exe
InitializeCloudClient
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
x360ce.exe