ScreenShot
| Created | 2021.06.05 21:42 | Machine | s1_win7_x6401 |
| Filename | inst77player_1.0.0.1.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | |||
| md5 | 5c71794e0bfd811534ff4117687d26e2 | ||
| sha256 | f5740aded1f401665ab8bde43afee5dc0b01aa8aacabe9b8bb61b1ef52134a39 | ||
| ssdeep | 6144:urlwH4rQ6Q1pyu6r0eT1CS2a1zd6zEPLOJl7yeMuVLot:R4ULa0eTWcLO4uw | ||
| imphash | 12082e77cfc7e34f96f21f95764c8ac3 | ||
| impfuzzy | 48:StemK6ssO0whqL8r5+tAlt8tz4e3JObGLlx0QSv7XEFpV74dEQT+EQX/1EowhS5z:St7K6dPwhR2vBVTbOq | ||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates executable files on the filesystem |
| notice | Drops an executable to the user AppData folder |
| notice | Queries for potentially installed applications |
| info | Checks amount of memory in system |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (5cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | IsDLL | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x408064 GetShortPathNameA
0x408068 GetFullPathNameA
0x40806c MoveFileA
0x408070 GetLastError
0x408074 SetCurrentDirectoryA
0x408078 GetFileAttributesA
0x40807c SearchPathA
0x408080 SetFileAttributesA
0x408084 Sleep
0x408088 GetTickCount
0x40808c GetFileSize
0x408090 GetModuleFileNameA
0x408094 GetCurrentProcess
0x408098 CopyFileA
0x40809c ExitProcess
0x4080a0 GetWindowsDirectoryA
0x4080a4 SetFileTime
0x4080a8 CompareFileTime
0x4080ac lstrlenA
0x4080b0 GetVersion
0x4080b4 SetErrorMode
0x4080b8 lstrcpynA
0x4080bc GetDiskFreeSpaceA
0x4080c0 GlobalUnlock
0x4080c4 GlobalLock
0x4080c8 CreateThread
0x4080cc CreateDirectoryA
0x4080d0 CreateProcessA
0x4080d4 RemoveDirectoryA
0x4080d8 CreateFileA
0x4080dc GetTempFileNameA
0x4080e0 lstrcatA
0x4080e4 GetSystemDirectoryA
0x4080e8 CloseHandle
0x4080ec lstrcmpiA
0x4080f0 lstrcmpA
0x4080f4 ExpandEnvironmentStringsA
0x4080f8 GlobalFree
0x4080fc GlobalAlloc
0x408100 WaitForSingleObject
0x408104 GetExitCodeProcess
0x408108 GetCommandLineA
0x40810c GetTempPathA
0x408110 GetProcAddress
0x408114 DeleteFileA
0x408118 FindFirstFileA
0x40811c FindNextFileA
0x408120 FindClose
0x408124 SetFilePointer
0x408128 ReadFile
0x40812c WriteFile
0x408130 GetPrivateProfileStringA
0x408134 WritePrivateProfileStringA
0x408138 MultiByteToWideChar
0x40813c FreeLibrary
0x408140 MulDiv
0x408144 LoadLibraryExA
0x408148 GetModuleHandleA
USER32.dll
0x40816c GetWindowRect
0x408170 EnableMenuItem
0x408174 GetSystemMenu
0x408178 ScreenToClient
0x40817c SetClassLongA
0x408180 IsWindowEnabled
0x408184 SetWindowPos
0x408188 GetSysColor
0x40818c GetWindowLongA
0x408190 SetCursor
0x408194 LoadCursorA
0x408198 CheckDlgButton
0x40819c GetAsyncKeyState
0x4081a0 IsDlgButtonChecked
0x4081a4 GetMessagePos
0x4081a8 LoadBitmapA
0x4081ac CallWindowProcA
0x4081b0 IsWindowVisible
0x4081b4 CloseClipboard
0x4081b8 SystemParametersInfoA
0x4081bc RegisterClassA
0x4081c0 EndDialog
0x4081c4 TrackPopupMenu
0x4081c8 AppendMenuA
0x4081cc CreatePopupMenu
0x4081d0 GetSystemMetrics
0x4081d4 SetDlgItemTextA
0x4081d8 GetDlgItemTextA
0x4081dc MessageBoxIndirectA
0x4081e0 CharPrevA
0x4081e4 wvsprintfA
0x4081e8 DispatchMessageA
0x4081ec PeekMessageA
0x4081f0 EnableWindow
0x4081f4 InvalidateRect
0x4081f8 SendMessageA
0x4081fc DefWindowProcA
0x408200 BeginPaint
0x408204 GetClientRect
0x408208 FillRect
0x40820c DrawTextA
0x408210 EndPaint
0x408214 CreateWindowExA
0x408218 GetClassInfoA
0x40821c DialogBoxParamA
0x408220 CharNextA
0x408224 SetTimer
0x408228 OpenClipboard
0x40822c SetWindowTextA
0x408230 GetDC
0x408234 LoadImageA
0x408238 ShowWindow
0x40823c wsprintfA
0x408240 SendMessageTimeoutA
0x408244 FindWindowExA
0x408248 IsWindow
0x40824c GetDlgItem
0x408250 SetWindowLongA
0x408254 SetClipboardData
0x408258 EmptyClipboard
0x40825c DestroyWindow
0x408260 ExitWindowsEx
0x408264 SetForegroundWindow
0x408268 PostQuitMessage
0x40826c CreateDialogParamA
GDI32.dll
0x408040 SelectObject
0x408044 SetTextColor
0x408048 SetBkMode
0x40804c CreateFontIndirectA
0x408050 CreateBrushIndirect
0x408054 DeleteObject
0x408058 GetDeviceCaps
0x40805c SetBkColor
SHELL32.dll
0x408150 SHGetSpecialFolderLocation
0x408154 SHGetPathFromIDListA
0x408158 SHBrowseForFolderA
0x40815c SHGetFileInfoA
0x408160 ShellExecuteA
0x408164 SHFileOperationA
ADVAPI32.dll
0x408000 RegDeleteValueA
0x408004 SetFileSecurityA
0x408008 RegOpenKeyExA
0x40800c RegDeleteKeyA
0x408010 RegEnumValueA
0x408014 RegCloseKey
0x408018 RegCreateKeyExA
0x40801c RegSetValueExA
0x408020 RegQueryValueExA
0x408024 RegEnumKeyA
COMCTL32.dll
0x40802c ImageList_Create
0x408030 ImageList_Destroy
0x408034 None
0x408038 ImageList_AddMasked
ole32.dll
0x408274 OleUninitialize
0x408278 OleInitialize
0x40827c CoTaskMemFree
0x408280 CoCreateInstance
EAT(Export Address Table) is none
KERNEL32.dll
0x408064 GetShortPathNameA
0x408068 GetFullPathNameA
0x40806c MoveFileA
0x408070 GetLastError
0x408074 SetCurrentDirectoryA
0x408078 GetFileAttributesA
0x40807c SearchPathA
0x408080 SetFileAttributesA
0x408084 Sleep
0x408088 GetTickCount
0x40808c GetFileSize
0x408090 GetModuleFileNameA
0x408094 GetCurrentProcess
0x408098 CopyFileA
0x40809c ExitProcess
0x4080a0 GetWindowsDirectoryA
0x4080a4 SetFileTime
0x4080a8 CompareFileTime
0x4080ac lstrlenA
0x4080b0 GetVersion
0x4080b4 SetErrorMode
0x4080b8 lstrcpynA
0x4080bc GetDiskFreeSpaceA
0x4080c0 GlobalUnlock
0x4080c4 GlobalLock
0x4080c8 CreateThread
0x4080cc CreateDirectoryA
0x4080d0 CreateProcessA
0x4080d4 RemoveDirectoryA
0x4080d8 CreateFileA
0x4080dc GetTempFileNameA
0x4080e0 lstrcatA
0x4080e4 GetSystemDirectoryA
0x4080e8 CloseHandle
0x4080ec lstrcmpiA
0x4080f0 lstrcmpA
0x4080f4 ExpandEnvironmentStringsA
0x4080f8 GlobalFree
0x4080fc GlobalAlloc
0x408100 WaitForSingleObject
0x408104 GetExitCodeProcess
0x408108 GetCommandLineA
0x40810c GetTempPathA
0x408110 GetProcAddress
0x408114 DeleteFileA
0x408118 FindFirstFileA
0x40811c FindNextFileA
0x408120 FindClose
0x408124 SetFilePointer
0x408128 ReadFile
0x40812c WriteFile
0x408130 GetPrivateProfileStringA
0x408134 WritePrivateProfileStringA
0x408138 MultiByteToWideChar
0x40813c FreeLibrary
0x408140 MulDiv
0x408144 LoadLibraryExA
0x408148 GetModuleHandleA
USER32.dll
0x40816c GetWindowRect
0x408170 EnableMenuItem
0x408174 GetSystemMenu
0x408178 ScreenToClient
0x40817c SetClassLongA
0x408180 IsWindowEnabled
0x408184 SetWindowPos
0x408188 GetSysColor
0x40818c GetWindowLongA
0x408190 SetCursor
0x408194 LoadCursorA
0x408198 CheckDlgButton
0x40819c GetAsyncKeyState
0x4081a0 IsDlgButtonChecked
0x4081a4 GetMessagePos
0x4081a8 LoadBitmapA
0x4081ac CallWindowProcA
0x4081b0 IsWindowVisible
0x4081b4 CloseClipboard
0x4081b8 SystemParametersInfoA
0x4081bc RegisterClassA
0x4081c0 EndDialog
0x4081c4 TrackPopupMenu
0x4081c8 AppendMenuA
0x4081cc CreatePopupMenu
0x4081d0 GetSystemMetrics
0x4081d4 SetDlgItemTextA
0x4081d8 GetDlgItemTextA
0x4081dc MessageBoxIndirectA
0x4081e0 CharPrevA
0x4081e4 wvsprintfA
0x4081e8 DispatchMessageA
0x4081ec PeekMessageA
0x4081f0 EnableWindow
0x4081f4 InvalidateRect
0x4081f8 SendMessageA
0x4081fc DefWindowProcA
0x408200 BeginPaint
0x408204 GetClientRect
0x408208 FillRect
0x40820c DrawTextA
0x408210 EndPaint
0x408214 CreateWindowExA
0x408218 GetClassInfoA
0x40821c DialogBoxParamA
0x408220 CharNextA
0x408224 SetTimer
0x408228 OpenClipboard
0x40822c SetWindowTextA
0x408230 GetDC
0x408234 LoadImageA
0x408238 ShowWindow
0x40823c wsprintfA
0x408240 SendMessageTimeoutA
0x408244 FindWindowExA
0x408248 IsWindow
0x40824c GetDlgItem
0x408250 SetWindowLongA
0x408254 SetClipboardData
0x408258 EmptyClipboard
0x40825c DestroyWindow
0x408260 ExitWindowsEx
0x408264 SetForegroundWindow
0x408268 PostQuitMessage
0x40826c CreateDialogParamA
GDI32.dll
0x408040 SelectObject
0x408044 SetTextColor
0x408048 SetBkMode
0x40804c CreateFontIndirectA
0x408050 CreateBrushIndirect
0x408054 DeleteObject
0x408058 GetDeviceCaps
0x40805c SetBkColor
SHELL32.dll
0x408150 SHGetSpecialFolderLocation
0x408154 SHGetPathFromIDListA
0x408158 SHBrowseForFolderA
0x40815c SHGetFileInfoA
0x408160 ShellExecuteA
0x408164 SHFileOperationA
ADVAPI32.dll
0x408000 RegDeleteValueA
0x408004 SetFileSecurityA
0x408008 RegOpenKeyExA
0x40800c RegDeleteKeyA
0x408010 RegEnumValueA
0x408014 RegCloseKey
0x408018 RegCreateKeyExA
0x40801c RegSetValueExA
0x408020 RegQueryValueExA
0x408024 RegEnumKeyA
COMCTL32.dll
0x40802c ImageList_Create
0x408030 ImageList_Destroy
0x408034 None
0x408038 ImageList_AddMasked
ole32.dll
0x408274 OleUninitialize
0x408278 OleInitialize
0x40827c CoTaskMemFree
0x408280 CoCreateInstance
EAT(Export Address Table) is none