ScreenShot
| Created | 2024.08.12 08:52 | Machine | s1_win7_x6401 |
| Filename | g2m.dll | ||
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | |||
| md5 | 78027fc67b06851223c13def07c4abd3 | ||
| sha256 | 33f732793ab4bf584e843b921122dbfc92d2017e6b07758c6b4119d34a389650 | ||
| ssdeep | 6144:e/tGvR6jAvLYCfNdrVD49mkqjLeM4ZWhdR/WQy5tjQ4qqcLpH0:eMpvDNA9mkqJzhdR/da0LpH0 | ||
| imphash | 02c070dae0519c1a38259cfc7d6dc78e | ||
| impfuzzy | 24:vCrDlqTXjDIdeO/j8CaGJzrbu9NOThOove0fVjEgn0EMjvqnnlm9FuMQcfWhGdj4:rXo8OgGVo08enA9FWcfAGdjt1WRB | ||
Network IP location
Signature (3cnts)
| Level | Description |
|---|---|
| info | Checks amount of memory in system |
| info | One or more processes crashed |
| info | This executable has a PDB path |
Rules (8cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
kernel32.dll
0x10039010 GetNativeSystemInfo
0x10039014 VirtualQuery
0x10039018 VirtualFree
0x1003901c VirtualProtect
0x10039020 GetSystemInfo
0x10039024 CreateFileMappingW
0x10039028 MapViewOfFile
0x1003902c UnmapViewOfFile
0x10039030 HeapSize
0x10039034 GetProcAddress
0x10039038 FreeEnvironmentStringsW
0x1003903c GetLastError
0x10039040 SetThreadStackGuarantee
0x10039044 CreateWaitableTimerExW
0x10039048 SetWaitableTimer
0x1003904c WaitForSingleObject
0x10039050 Sleep
0x10039054 QueryPerformanceCounter
0x10039058 GetModuleHandleA
0x1003905c GetCurrentProcess
0x10039060 GetCurrentThread
0x10039064 RtlCaptureContext
0x10039068 ReleaseMutex
0x1003906c SetLastError
0x10039070 GetCurrentDirectoryW
0x10039074 GetEnvironmentStringsW
0x10039078 GetEnvironmentVariableW
0x1003907c GetStringTypeW
0x10039080 GetCommandLineW
0x10039084 FlushFileBuffers
0x10039088 SetFileInformationByHandle
0x1003908c SetFilePointerEx
0x10039090 SetStdHandle
0x10039094 GetConsoleOutputCP
0x10039098 WriteFile
0x1003909c GetCommandLineA
0x100390a0 GetCPInfo
0x100390a4 GetOEMCP
0x100390a8 GetACP
0x100390ac IsValidCodePage
0x100390b0 FindFirstFileExW
0x100390b4 GetStdHandle
0x100390b8 GetCurrentProcessId
0x100390bc SetHandleInformation
0x100390c0 TerminateProcess
0x100390c4 CloseHandle
0x100390c8 VirtualAlloc
0x100390cc HeapFree
0x100390d0 LCMapStringW
0x100390d4 HeapReAlloc
0x100390d8 WaitForSingleObjectEx
0x100390dc LoadLibraryA
0x100390e0 lstrlenW
0x100390e4 CreateMutexA
0x100390e8 GetProcessHeap
0x100390ec HeapAlloc
0x100390f0 FindNextFileW
0x100390f4 FindClose
0x100390f8 CreateFileW
0x100390fc GetFileInformationByHandle
0x10039100 GetFileInformationByHandleEx
0x10039104 ReadFile
0x10039108 GetModuleHandleExW
0x1003910c GetConsoleMode
0x10039110 GetFileType
0x10039114 LoadLibraryExW
0x10039118 FreeLibrary
0x1003911c InitializeCriticalSectionAndSpinCount
0x10039120 GetModuleHandleW
0x10039124 FormatMessageW
0x10039128 GetModuleFileNameW
0x1003912c ExitProcess
0x10039130 MultiByteToWideChar
0x10039134 WriteConsoleW
0x10039138 WideCharToMultiByte
0x1003913c ReadConsoleW
0x10039140 CreateThread
0x10039144 InitOnceBeginInitialize
0x10039148 TlsAlloc
0x1003914c InitOnceComplete
0x10039150 TlsFree
0x10039154 TlsGetValue
0x10039158 TlsSetValue
0x1003915c GetFullPathNameW
0x10039160 DeleteCriticalSection
0x10039164 LeaveCriticalSection
0x10039168 EnterCriticalSection
0x1003916c EncodePointer
0x10039170 InterlockedFlushSList
0x10039174 RaiseException
0x10039178 RtlUnwind
0x1003917c GetCurrentThreadId
0x10039180 GetSystemTimeAsFileTime
0x10039184 InitializeSListHead
0x10039188 IsDebuggerPresent
0x1003918c UnhandledExceptionFilter
0x10039190 SetUnhandledExceptionFilter
0x10039194 GetStartupInfoW
0x10039198 IsProcessorFeaturePresent
0x1003919c DecodePointer
ws2_32.dll
0x100391b4 listen
0x100391b8 WSAStartup
0x100391bc getaddrinfo
0x100391c0 WSASocketW
0x100391c4 WSAGetLastError
0x100391c8 closesocket
0x100391cc freeaddrinfo
0x100391d0 ind
0x100391d4 WSACleanup
api-ms-win-core-synch-l1-2-0.dll
0x10039000 WakeByAddressSingle
0x10039004 WakeByAddressAll
0x10039008 WaitOnAddress
ntdll.dll
0x100391a4 RtlNtStatusToDosError
0x100391a8 NtReadFile
0x100391ac NtWriteFile
EAT(Export Address Table) Library
0x10001db0 DllMain
0x10001620 g2mchat_winmain
0x10001620 g2mcomm_winmain
0x10001620 g2mfeedback_winmain
0x10001620 g2mhost_winmain
0x10001620 g2minstaller_winmain
0x10001620 g2minsthigh_winmain
0x10001620 g2mlauncher_winmain
0x10001620 g2mmatchmaking_winmain
0x10001620 g2mmaterials_winmain
0x10001620 g2mpolling_winmain
0x10001620 g2mqanda_winmain
0x10001620 g2mrecorder_winmain
0x10001620 g2msessioncontrol_winmain
0x10001620 g2mstart_winmain
0x10001620 g2mtesting_winmain
0x10001620 g2mtranscoder_winmain
0x10001620 g2mui_winmain
0x10001620 g2muninstall_winmain
0x10001620 g2mvideoconference_winmain
0x10001620 g2mview_winmain
kernel32.dll
0x10039010 GetNativeSystemInfo
0x10039014 VirtualQuery
0x10039018 VirtualFree
0x1003901c VirtualProtect
0x10039020 GetSystemInfo
0x10039024 CreateFileMappingW
0x10039028 MapViewOfFile
0x1003902c UnmapViewOfFile
0x10039030 HeapSize
0x10039034 GetProcAddress
0x10039038 FreeEnvironmentStringsW
0x1003903c GetLastError
0x10039040 SetThreadStackGuarantee
0x10039044 CreateWaitableTimerExW
0x10039048 SetWaitableTimer
0x1003904c WaitForSingleObject
0x10039050 Sleep
0x10039054 QueryPerformanceCounter
0x10039058 GetModuleHandleA
0x1003905c GetCurrentProcess
0x10039060 GetCurrentThread
0x10039064 RtlCaptureContext
0x10039068 ReleaseMutex
0x1003906c SetLastError
0x10039070 GetCurrentDirectoryW
0x10039074 GetEnvironmentStringsW
0x10039078 GetEnvironmentVariableW
0x1003907c GetStringTypeW
0x10039080 GetCommandLineW
0x10039084 FlushFileBuffers
0x10039088 SetFileInformationByHandle
0x1003908c SetFilePointerEx
0x10039090 SetStdHandle
0x10039094 GetConsoleOutputCP
0x10039098 WriteFile
0x1003909c GetCommandLineA
0x100390a0 GetCPInfo
0x100390a4 GetOEMCP
0x100390a8 GetACP
0x100390ac IsValidCodePage
0x100390b0 FindFirstFileExW
0x100390b4 GetStdHandle
0x100390b8 GetCurrentProcessId
0x100390bc SetHandleInformation
0x100390c0 TerminateProcess
0x100390c4 CloseHandle
0x100390c8 VirtualAlloc
0x100390cc HeapFree
0x100390d0 LCMapStringW
0x100390d4 HeapReAlloc
0x100390d8 WaitForSingleObjectEx
0x100390dc LoadLibraryA
0x100390e0 lstrlenW
0x100390e4 CreateMutexA
0x100390e8 GetProcessHeap
0x100390ec HeapAlloc
0x100390f0 FindNextFileW
0x100390f4 FindClose
0x100390f8 CreateFileW
0x100390fc GetFileInformationByHandle
0x10039100 GetFileInformationByHandleEx
0x10039104 ReadFile
0x10039108 GetModuleHandleExW
0x1003910c GetConsoleMode
0x10039110 GetFileType
0x10039114 LoadLibraryExW
0x10039118 FreeLibrary
0x1003911c InitializeCriticalSectionAndSpinCount
0x10039120 GetModuleHandleW
0x10039124 FormatMessageW
0x10039128 GetModuleFileNameW
0x1003912c ExitProcess
0x10039130 MultiByteToWideChar
0x10039134 WriteConsoleW
0x10039138 WideCharToMultiByte
0x1003913c ReadConsoleW
0x10039140 CreateThread
0x10039144 InitOnceBeginInitialize
0x10039148 TlsAlloc
0x1003914c InitOnceComplete
0x10039150 TlsFree
0x10039154 TlsGetValue
0x10039158 TlsSetValue
0x1003915c GetFullPathNameW
0x10039160 DeleteCriticalSection
0x10039164 LeaveCriticalSection
0x10039168 EnterCriticalSection
0x1003916c EncodePointer
0x10039170 InterlockedFlushSList
0x10039174 RaiseException
0x10039178 RtlUnwind
0x1003917c GetCurrentThreadId
0x10039180 GetSystemTimeAsFileTime
0x10039184 InitializeSListHead
0x10039188 IsDebuggerPresent
0x1003918c UnhandledExceptionFilter
0x10039190 SetUnhandledExceptionFilter
0x10039194 GetStartupInfoW
0x10039198 IsProcessorFeaturePresent
0x1003919c DecodePointer
ws2_32.dll
0x100391b4 listen
0x100391b8 WSAStartup
0x100391bc getaddrinfo
0x100391c0 WSASocketW
0x100391c4 WSAGetLastError
0x100391c8 closesocket
0x100391cc freeaddrinfo
0x100391d0 ind
0x100391d4 WSACleanup
api-ms-win-core-synch-l1-2-0.dll
0x10039000 WakeByAddressSingle
0x10039004 WakeByAddressAll
0x10039008 WaitOnAddress
ntdll.dll
0x100391a4 RtlNtStatusToDosError
0x100391a8 NtReadFile
0x100391ac NtWriteFile
EAT(Export Address Table) Library
0x10001db0 DllMain
0x10001620 g2mchat_winmain
0x10001620 g2mcomm_winmain
0x10001620 g2mfeedback_winmain
0x10001620 g2mhost_winmain
0x10001620 g2minstaller_winmain
0x10001620 g2minsthigh_winmain
0x10001620 g2mlauncher_winmain
0x10001620 g2mmatchmaking_winmain
0x10001620 g2mmaterials_winmain
0x10001620 g2mpolling_winmain
0x10001620 g2mqanda_winmain
0x10001620 g2mrecorder_winmain
0x10001620 g2msessioncontrol_winmain
0x10001620 g2mstart_winmain
0x10001620 g2mtesting_winmain
0x10001620 g2mtranscoder_winmain
0x10001620 g2mui_winmain
0x10001620 g2muninstall_winmain
0x10001620 g2mvideoconference_winmain
0x10001620 g2mview_winmain