Report - ZeroBOX

ScreenShot

Info
Location map


Created	2025.02.26 10:24	Machine	s1_win7_x6401
Filename	Metin2Release.exe
Type	PE32 executable (GUI) Intel 80386, for MS Windows
AI Score	4	Behavior Score	1.2
ZERO API	file : clean
VT API (file)	1 detected (BScope, Khalesi)
md5	5d155e2650319956e20fb581e6542f3a
sha256	00a571dd44f51629d22b28db2ec2f39c5a4314ecd00c06f1ce42107db2040d10
ssdeep	98304:Zl1g7/lqLxgd0ikYNK33uxr4HGbhZOOqkfhPlE5q4l7ij:Z8lqLxakYNgFmbBhdl4l7K
imphash	2bc0a66b44b87229fb3a36a92501c336
impfuzzy	192:uuFSisDRVxiWdJsp9hT0RnKJzxdnjaCYOKT9wvgxIIZw0N/kNxA9zhxCRWEU1Xd1:uASikxiGKj3UJwvgxIIZw0KcIuFr

Network IP location

Signature (4cnts)

Level	Description
notice	File has been identified by one AntiVirus engine on VirusTotal as malicious
notice	Foreign language identified in PE resource
info	The executable contains unknown PE section names indicative of a packer (could be a false positive)
info	This executable has a PDB path

Rules (7cnts)

Level	Name	Description	Collection
warning	Generic_Malware_Zero	Generic Malware	binaries (upload)
warning	hide_executable_file	Hide executable file	binaries (upload)
watch	Malicious_Library_Zero	Malicious_Library	binaries (upload)
watch	UPX_Zero	UPX packed file	binaries (upload)
info	IsPE32	(no description)	binaries (upload)
info	OS_Processor_Check_Zero	OS Processor Check	binaries (upload)
info	PE_Header_Zero	PE File Signature	binaries (upload)

Network (0cnts) ?

Request	CC	ASN Co	IP4	Rule ?	ZERO ?

Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.dll
0x8ba114 GetCommandLineW
0x8ba118 GetCommandLineA
0x8ba11c GetOEMCP
0x8ba120 GetACP
0x8ba124 IsValidCodePage
0x8ba128 FindNextFileW
0x8ba12c FindFirstFileExW
0x8ba130 HeapReAlloc
0x8ba134 SetStdHandle
0x8ba138 SetFileAttributesW
0x8ba13c SetCurrentDirectoryW
0x8ba140 CreateProcessW
0x8ba144 GetExitCodeProcess
0x8ba148 GetTimeZoneInformation
0x8ba14c SetConsoleCtrlHandler
0x8ba150 FlushFileBuffers
0x8ba154 MoveFileExW
0x8ba158 DeleteFileW
0x8ba15c CreateDirectoryW
0x8ba160 GetFileAttributesExW
0x8ba164 EnumSystemLocalesW
0x8ba168 FindClose
0x8ba16c FindNextFileA
0x8ba170 FindFirstFileA
0x8ba174 SetFileAttributesA
0x8ba178 GetEnvironmentStringsW
0x8ba17c SetThreadPriority
0x8ba180 CreateEventA
0x8ba184 InitializeCriticalSection
0x8ba188 LeaveCriticalSection
0x8ba18c GetUserDefaultLCID
0x8ba190 IsValidLocale
0x8ba194 GetLocaleInfoW
0x8ba198 LCMapStringW
0x8ba19c CompareStringW
0x8ba1a0 GetTimeFormatW
0x8ba1a4 GetDateFormatW
0x8ba1a8 ReadConsoleW
0x8ba1ac SetFilePointerEx
0x8ba1b0 GetFileSizeEx
0x8ba1b4 GetConsoleMode
0x8ba1b8 GetConsoleOutputCP
0x8ba1bc HeapAlloc
0x8ba1c0 HeapFree
0x8ba1c4 GetStdHandle
0x8ba1c8 FileTimeToSystemTime
0x8ba1cc SystemTimeToTzSpecificLocalTime
0x8ba1d0 GetFileType
0x8ba1d4 GetFileInformationByHandle
0x8ba1d8 GetFullPathNameW
0x8ba1dc GetDriveTypeW
0x8ba1e0 FreeLibraryAndExitThread
0x8ba1e4 ResumeThread
0x8ba1e8 ExitThread
0x8ba1ec CreateThread
0x8ba1f0 GetModuleHandleExW
0x8ba1f4 ExitProcess
0x8ba1f8 LoadLibraryExW
0x8ba1fc TlsFree
0x8ba200 TlsSetValue
0x8ba204 TlsGetValue
0x8ba208 TlsAlloc
0x8ba20c InitializeCriticalSectionAndSpinCount
0x8ba210 InterlockedFlushSList
0x8ba214 InterlockedPushEntrySList
0x8ba218 EnterCriticalSection
0x8ba21c FreeEnvironmentStringsW
0x8ba220 GetThreadTimes
0x8ba224 SetLastError
0x8ba228 WaitNamedPipeW
0x8ba22c PeekNamedPipe
0x8ba230 GetModuleFileNameW
0x8ba234 GetStartupInfoW
0x8ba238 IsDebuggerPresent
0x8ba23c InitializeSListHead
0x8ba240 TerminateProcess
0x8ba244 UnhandledExceptionFilter
0x8ba248 FindResourceW
0x8ba24c FindResourceA
0x8ba250 SizeofResource
0x8ba254 LoadResource
0x8ba258 LockResource
0x8ba25c CreateFileW
0x8ba260 IsProcessorFeaturePresent
0x8ba264 InterlockedDecrement
0x8ba268 GetProcessHeap
0x8ba26c HeapValidate
0x8ba270 InterlockedIncrement
0x8ba274 GetCPInfo
0x8ba278 CompareStringEx
0x8ba27c CreateSymbolicLinkW
0x8ba280 GetFileInformationByHandleEx
0x8ba284 GetModuleHandleW
0x8ba288 CloseThreadpoolWait
0x8ba28c SetThreadpoolWait
0x8ba290 CreateThreadpoolWait
0x8ba294 CloseThreadpoolTimer
0x8ba298 WaitForThreadpoolTimerCallbacks
0x8ba29c SetThreadpoolTimer
0x8ba2a0 CreateThreadpoolTimer
0x8ba2a4 FreeLibraryWhenCallbackReturns
0x8ba2a8 GetTickCount64
0x8ba2ac GetSystemTimeAsFileTime
0x8ba2b0 GetCurrentProcessorNumber
0x8ba2b4 FlushProcessWriteBuffers
0x8ba2b8 CreateSemaphoreExW
0x8ba2bc CreateEventExW
0x8ba2c0 InitOnceExecuteOnce
0x8ba2c4 GetTempPathW
0x8ba2c8 SetFileInformationByHandle
0x8ba2cc LCMapStringEx
0x8ba2d0 DecodePointer
0x8ba2d4 EncodePointer
0x8ba2d8 InitializeCriticalSectionEx
0x8ba2dc GetLocaleInfoEx
0x8ba2e0 LocalFree
0x8ba2e4 SleepConditionVariableSRW
0x8ba2e8 WakeAllConditionVariable
0x8ba2ec WakeConditionVariable
0x8ba2f0 QueryPerformanceFrequency
0x8ba2f4 DeleteCriticalSection
0x8ba2f8 WaitForSingleObject
0x8ba2fc SetEvent
0x8ba300 Process32Next
0x8ba304 Sleep
0x8ba308 OpenProcess
0x8ba30c Process32First
0x8ba310 GetSystemInfo
0x8ba314 GetLastError
0x8ba318 ReadProcessMemory
0x8ba31c GetCurrentProcess
0x8ba320 Module32Next
0x8ba324 CloseHandle
0x8ba328 Module32First
0x8ba32c GetCurrentProcessId
0x8ba330 SetEnvironmentVariableW
0x8ba334 OutputDebugStringW
0x8ba338 HeapSize
0x8ba33c HeapQueryInformation
0x8ba340 SetEndOfFile
0x8ba344 WriteConsoleW
0x8ba348 GetModuleFileNameA
0x8ba34c MoveFileA
0x8ba350 GetCurrentDirectoryA
0x8ba354 lstrlenA
0x8ba358 GetPrivateProfileStringA
0x8ba35c DeleteFileA
0x8ba360 CreateMutexA
0x8ba364 ReleaseMutex
0x8ba368 RtlUnwind
0x8ba36c GlobalFree
0x8ba370 GetStringTypeW
0x8ba374 FormatMessageA
0x8ba378 GetNativeSystemInfo
0x8ba37c GetExitCodeThread
0x8ba380 SwitchToThread
0x8ba384 WaitForSingleObjectEx
0x8ba388 GetCurrentThreadId
0x8ba38c TryAcquireSRWLockExclusive
0x8ba390 AcquireSRWLockExclusive
0x8ba394 ReleaseSRWLockExclusive
0x8ba398 QueryPerformanceCounter
0x8ba39c CopyFileA
0x8ba3a0 CreateSemaphoreA
0x8ba3a4 ReleaseSemaphore
0x8ba3a8 GetLocaleInfoA
0x8ba3ac CompareStringA
0x8ba3b0 WideCharToMultiByte
0x8ba3b4 lstrlenW
0x8ba3b8 GlobalLock
0x8ba3bc GlobalUnlock
0x8ba3c0 LoadLibraryA
0x8ba3c4 GetProcAddress
0x8ba3c8 FreeLibrary
0x8ba3cc GetVersionExA
0x8ba3d0 GetSystemDirectoryA
0x8ba3d4 WriteFile
0x8ba3d8 SetFilePointer
0x8ba3dc ReadFile
0x8ba3e0 OutputDebugStringA
0x8ba3e4 WinExec
0x8ba3e8 GetModuleHandleA
0x8ba3ec GetCurrentThread
0x8ba3f0 SetUnhandledExceptionFilter
0x8ba3f4 CreateFileMappingA
0x8ba3f8 UnmapViewOfFile
0x8ba3fc MapViewOfFile
0x8ba400 GetFileSize
0x8ba404 CreateFileA
0x8ba408 GlobalAlloc
0x8ba40c GetTempFileNameA
0x8ba410 GetTempPathA
0x8ba414 RemoveDirectoryA
0x8ba418 CreateDirectoryA
0x8ba41c AllocConsole
0x8ba420 CreateToolhelp32Snapshot
0x8ba424 GetTickCount
0x8ba428 GetCurrentDirectoryW
0x8ba42c RaiseException
0x8ba430 MultiByteToWideChar
USER32.dll
0x8ba520 DispatchMessageA
0x8ba524 TranslateMessage
0x8ba528 GetMessageA
0x8ba52c LoadCursorA
0x8ba530 SetWindowLongA
0x8ba534 GetWindowLongA
0x8ba538 AdjustWindowRectEx
0x8ba53c GetWindowRect
0x8ba540 SetWindowTextA
0x8ba544 GetMenu
0x8ba548 RegisterClassA
0x8ba54c GetCursorPos
0x8ba550 ScreenToClient
0x8ba554 FindWindowA
0x8ba558 LoadIconA
0x8ba55c SetWindowPos
0x8ba560 SystemParametersInfoA
0x8ba564 FlashWindowEx
0x8ba568 DestroyIcon
0x8ba56c GetKeyboardLayout
0x8ba570 OpenClipboard
0x8ba574 CloseClipboard
0x8ba578 GetClipboardData
0x8ba57c CharNextW
0x8ba580 CharNextExA
0x8ba584 CharPrevExA
0x8ba588 GetDesktopWindow
0x8ba58c PostQuitMessage
0x8ba590 GetAsyncKeyState
0x8ba594 SetRect
0x8ba598 OffsetRect
0x8ba59c ClientToScreen
0x8ba5a0 PeekMessageA
0x8ba5a4 ReleaseDC
0x8ba5a8 FillRect
0x8ba5ac GetDC
0x8ba5b0 EndPaint
0x8ba5b4 BeginPaint
0x8ba5b8 InvalidateRect
0x8ba5bc UnregisterClassA
0x8ba5c0 DestroyWindow
0x8ba5c4 IsWindow
0x8ba5c8 MoveWindow
0x8ba5cc SetFocus
0x8ba5d0 UpdateWindow
0x8ba5d4 ShowWindow
0x8ba5d8 GetClientRect
0x8ba5dc CreateWindowExA
0x8ba5e0 RegisterClassExA
0x8ba5e4 DefWindowProcA
0x8ba5e8 ShowCursor
0x8ba5ec DestroyCursor
0x8ba5f0 LoadImageA
0x8ba5f4 GetKeyState
0x8ba5f8 SendMessageA
0x8ba5fc SetCursorPos
0x8ba600 MessageBoxA
0x8ba604 LoadStringA
0x8ba608 IsIconic
0x8ba60c GetSystemMetrics
0x8ba610 GetCapture
0x8ba614 DestroyMenu
0x8ba618 TrackPopupMenu
0x8ba61c SetForegroundWindow
0x8ba620 InsertMenuA
0x8ba624 SetCapture
0x8ba628 ReleaseCapture
0x8ba62c ChangeDisplaySettingsA
0x8ba630 CreatePopupMenu
0x8ba634 GetKeyboardLayoutNameA
0x8ba638 SetCursor
GDI32.dll
0x8ba07c DeleteDC
0x8ba080 SelectObject
0x8ba084 SetBkColor
0x8ba088 SetBkMode
0x8ba08c SetDIBitsToDevice
0x8ba090 SetTextColor
0x8ba094 GetStockObject
0x8ba098 PatBlt
0x8ba09c CreateSolidBrush
0x8ba0a0 CreateCompatibleDC
0x8ba0a4 DeleteObject
0x8ba0a8 StretchBlt
0x8ba0ac GetTextExtentPoint32A
0x8ba0b0 EnumFontFamiliesExA
0x8ba0b4 GetPixel
0x8ba0b8 TextOutW
0x8ba0bc GetTextExtentPoint32W
0x8ba0c0 GetCharABCWidthsFloatW
0x8ba0c4 CreateFontIndirectA
0x8ba0c8 TextOutA
0x8ba0cc CreateDIBSection
ADVAPI32.dll
0x8ba000 RegCloseKey
0x8ba004 RegQueryValueExA
0x8ba008 RegOpenKeyA
0x8ba00c RegCreateKeyExW
0x8ba010 RegSetValueExW
0x8ba014 CryptAcquireContextA
0x8ba018 CryptReleaseContext
0x8ba01c CryptGenRandom
0x8ba020 RegOpenKeyExW
0x8ba024 RegOpenKeyExA
0x8ba028 RegQueryValueExW
SHELL32.dll
0x8ba444 Shell_NotifyIconA
0x8ba448 ShellExecuteA
0x8ba44c SHGetSpecialFolderPathA
ole32.dll
0x8baaac CoInitializeEx
0x8baab0 CoUninitialize
0x8baab4 CoInitialize
0x8baab8 CoCreateInstance
WINMM.dll
0x8ba650 timeGetDevCaps
0x8ba654 timeEndPeriod
0x8ba658 timeGetTime
0x8ba65c timeBeginPeriod
d3d8.dll
0x8ba6b4 Direct3DCreate8
python27.dll
0x8baac0 _PyLong_New
0x8baac4 PyMarshal_ReadObjectFromString
0x8baac8 PyCode_New
0x8baacc PyEval_GetRestricted
0x8baad0 PyErr_NoMemory
0x8baad4 PyErr_Occurred
0x8baad8 PyString_FromStringAndSize
0x8baadc PyComplex_FromCComplex
0x8baae0 PyExc_StopIteration
0x8baae4 PyExc_EOFError
0x8baae8 PyExc_ValueError
0x8baaec _Py_EllipsisObject
0x8baaf0 PyFloat_FromDouble
0x8baaf4 _PyLong_FromByteArray
0x8baaf8 PyUnicodeUCS2_DecodeUTF8
0x8baafc PyCode_Type
0x8bab00 Py_OptimizeFlag
0x8bab04 PyEval_EvalCode
0x8bab08 PyCode_Addr2Line
0x8bab0c Py_BuildValue
0x8bab10 Py_InitModule4
0x8bab14 PyModule_AddIntConstant
0x8bab18 PyErr_SetString
0x8bab1c PyExc_RuntimeError
0x8bab20 PyTuple_GetItem
0x8bab24 PyInt_AsLong
0x8bab28 PyList_New
0x8bab2c PyString_FromString
0x8bab30 PyList_Append
0x8bab34 PyTuple_Size
0x8bab38 PyDict_GetItemString
0x8bab3c PyLong_AsLong
0x8bab40 PyLong_FromLongLong
0x8bab44 PyImport_GetMagicNumber
0x8bab48 PyObject_GetAttrString
0x8bab4c PyString_AsString
0x8bab50 PyList_SetItem
0x8bab54 PyDict_New
0x8bab58 PyDict_SetItem
0x8bab5c PyArg_ParseTuple
0x8bab60 PyDict_Size
0x8bab64 PyDict_Next
0x8bab68 PyList_Size
0x8bab6c PyList_GetItem
0x8bab70 PyDict_Keys
0x8bab74 PyDict_Values
0x8bab78 PyLong_AsUnsignedLong
0x8bab7c PyDict_GetItem
0x8bab80 PyLong_AsLongLong
0x8bab84 _PyInt_AsInt
0x8bab88 PyInt_FromLong
0x8bab8c PyObject_AsCharBuffer
0x8bab90 PyTuple_SetItem
0x8bab94 PyImport_ImportModule
0x8bab98 PyString_InternFromString
0x8bab9c PyObject_GetAttr
0x8baba0 PyCallable_Check
0x8baba4 PyFloat_AsDouble
0x8baba8 PyErr_Clear
0x8babac PyErr_BadArgument
0x8babb0 PyErr_Print
0x8babb4 PyObject_CallObject
0x8babb8 PyNumber_Check
0x8babbc _Py_NoneStruct
0x8babc0 PyDict_SetItemString
0x8babc4 PyModule_GetDict
0x8babc8 PyErr_Fetch
0x8babcc Py_SetProgramName
0x8babd0 Py_Initialize
0x8babd4 Py_Finalize
0x8babd8 PyRun_StringFlags
0x8babdc PyEval_SetTrace
0x8babe0 Py_FlushLine
0x8babe4 PyImport_AddModule
0x8babe8 PyTuple_New
DevIL.dll
0x8ba040 ilBindImage
0x8ba044 ilLoad
0x8ba048 ilEnable
0x8ba04c ilOriginFunc
0x8ba050 ilGetInteger
0x8ba054 ilDeleteImages
0x8ba058 ilShutDown
0x8ba05c ilSave
0x8ba060 ilConvertImage
0x8ba064 ilGenImages
0x8ba068 ilInit
0x8ba06c ilSetPixels
0x8ba070 ilCopyPixels
0x8ba074 ilTexImage
IMM32.dll
0x8ba0d4 ImmGetIMEFileNameA
0x8ba0d8 ImmIsIME
0x8ba0dc ImmNotifyIME
0x8ba0e0 ImmGetOpenStatus
0x8ba0e4 ImmSetConversionStatus
0x8ba0e8 ImmGetConversionStatus
0x8ba0ec ImmGetCandidateListW
0x8ba0f0 ImmSetCompositionStringW
0x8ba0f4 ImmGetCompositionStringW
0x8ba0f8 ImmAssociateContext
0x8ba0fc ImmReleaseContext
0x8ba100 ImmGetContext
IPHLPAPI.DLL
0x8ba108 IcmpSendEcho2
0x8ba10c IcmpCreateFile
VERSION.dll
0x8ba640 GetFileVersionInfoSizeA
0x8ba644 GetFileVersionInfoA
0x8ba648 VerQueryValueA
imagehlp.dll
0x8ba7bc GetTimestampForLoadedLibrary
0x8ba7c0 StackWalk
0x8ba7c4 EnumerateLoadedModules
granny2.dll
0x8ba6bc _GrannyFreeControlOnceUnused@4
0x8ba6c0 _GrannyFreeControl@4
0x8ba6c4 _GrannyFindTrackGroupForModel@12
0x8ba6c8 _GrannyGetSourceModel@4
0x8ba6cc _GrannyGetMeshIndexCount@4
0x8ba6d0 _GrannyMeshIsRigid@4
0x8ba6d4 _GrannyGetMeshVertexCount@4
0x8ba6d8 _GrannyGetTotalTypeSize@4
0x8ba6dc _GrannyGetWorldPoseComposite4x4@8
0x8ba6e0 _GrannyGetWorldPose4x4@8
0x8ba6e4 _GrannyFreeWorldPose@4
0x8ba6e8 _GrannyNewWorldPose@4
0x8ba6ec _GrannyFindBoneByName@12
0x8ba6f0 _GrannyGetMeshBindingToBoneIndices@4
0x8ba6f4 _GrannyFreeMeshBinding@4
0x8ba6f8 _GrannyNewMeshBinding@12
0x8ba6fc _GrannyFreeModelInstance@4
0x8ba700 _GrannyInstantiateModel@4
0x8ba704 _GrannyGetWorldPoseComposite4x4Array@4
0x8ba708 _GrannyFreeLocalPose@4
0x8ba70c _GrannyNewLocalPose@4
0x8ba710 _GrannyUpdateModelMatrix@20
0x8ba714 _GrannySampleModelAnimationsAccelerated@20
0x8ba718 _GrannyFreeCompletedModelControls@4
0x8ba71c _GrannySetModelClock@8
0x8ba720 _GrannyGetSourceSkeleton@4
0x8ba724 _GrannyGetFileInfo@4
0x8ba728 _GrannyFreeFile@4
0x8ba72c _GrannyFreeFileSection@8
0x8ba730 _GrannyCompleteControlAt@8
0x8ba734 _GrannyConvertSingleObject@20
0x8ba738 _GrannyFindMatchingMember@16
0x8ba73c _GrannyGetMaterialTextureByType@8
0x8ba740 _GrannySetLogCallback@4
0x8ba744 _GrannyGetControlLoopCount@4
0x8ba748 _GrannyControlIsComplete@4
0x8ba74c _GrannySetControlLoopCount@8
0x8ba750 _GrannyGetControlSpeed@4
0x8ba754 _GrannySetControlEaseOutCurve@28
0x8ba758 _GrannyGetControlRawLocalClock@4
0x8ba75c _GrannySetControlRawLocalClock@8
0x8ba760 _GrannyPlayControlledAnimation@12
0x8ba764 _GrannyBeginControlledAnimation@8
0x8ba768 _GrannyEndControlledAnimation@4
0x8ba76c _GrannySetTrackGroupTarget@12
0x8ba770 _GrannySetTrackGroupLOD@16
0x8ba774 _GrannyGetMeshTriangleGroupCount@4
0x8ba778 _GrannyGetMeshTriangleGroups@4
0x8ba77c _GrannyGetMeshVertexType@4
0x8ba780 _GrannyCopyMeshVertices@12
0x8ba784 _GrannyGetMeshVertices@4
0x8ba788 _GrannyCopyMeshIndices@12
0x8ba78c _GrannySetControlEaseOut@8
0x8ba790 _GrannySetControlEaseInCurve@28
0x8ba794 _GrannySetControlEaseIn@8
0x8ba798 _GrannySetControlSpeed@8
0x8ba79c _GrannyNewMeshDeformer@16
0x8ba7a0 _GrannyFreeMeshDeformer@4
0x8ba7a4 _GrannyDeformVertices@24
0x8ba7a8 GrannyPNT332VertexType
0x8ba7ac _GrannyReadEntireFileFromMemory@8
0x8ba7b0 _GrannyFreeControlIfComplete@4
0x8ba7b4 _GrannyGetControlLocalDuration@4
mss32.dll
0x8ba9d0 _AIL_enumerate_3D_providers@12
0x8ba9d4 _AIL_close_3D_provider@4
0x8ba9d8 _AIL_open_stream@12
0x8ba9dc _AIL_open_digital_driver@16
0x8ba9e0 _AIL_file_type@8
0x8ba9e4 _AIL_decompress_ADPCM@12
0x8ba9e8 _AIL_decompress_ASI@24
0x8ba9ec _AIL_WAV_info@8
0x8ba9f0 _AIL_set_file_callbacks@16
0x8ba9f4 _AIL_open_3D_listener@4
0x8ba9f8 _AIL_file_read@8
0x8ba9fc _AIL_mem_free_lock@4
0x8baa00 _AIL_close_3D_listener@4
0x8baa04 _AIL_set_3D_position@16
0x8baa08 _AIL_set_3D_velocity@20
0x8baa0c _AIL_set_3D_orientation@28
0x8baa10 _AIL_startup@0
0x8baa14 _AIL_shutdown@0
0x8baa18 _AIL_set_redist_directory@4
0x8baa1c _AIL_close_stream@4
0x8baa20 _AIL_start_stream@4
0x8baa24 _AIL_pause_stream@8
0x8baa28 _AIL_set_stream_volume_levels@12
0x8baa2c _AIL_stream_volume_levels@12
0x8baa30 _AIL_set_stream_loop_count@8
0x8baa34 _AIL_stream_status@4
0x8baa38 _AIL_last_error@0
0x8baa3c _AIL_allocate_sample_handle@4
0x8baa40 _AIL_release_sample_handle@4
0x8baa44 _AIL_init_sample@4
0x8baa48 _AIL_set_sample_file@12
0x8baa4c _AIL_start_sample@4
0x8baa50 _AIL_stop_sample@4
0x8baa54 _AIL_resume_sample@4
0x8baa58 _AIL_end_sample@4
0x8baa5c _AIL_set_sample_volume_pan@12
0x8baa60 _AIL_set_sample_loop_count@8
0x8baa64 _AIL_sample_status@4
0x8baa68 _AIL_sample_volume_pan@12
0x8baa6c _AIL_allocate_3D_sample_handle@4
0x8baa70 _AIL_release_3D_sample_handle@4
0x8baa74 _AIL_start_3D_sample@4
0x8baa78 _AIL_stop_3D_sample@4
0x8baa7c _AIL_resume_3D_sample@4
0x8baa80 _AIL_end_3D_sample@4
0x8baa84 _AIL_set_3D_sample_file@8
0x8baa88 _AIL_set_3D_sample_volume@8
0x8baa8c _AIL_set_3D_sample_loop_count@8
0x8baa90 _AIL_3D_sample_status@4
0x8baa94 _AIL_update_3D_position@8
0x8baa98 _AIL_auto_update_3D_position@8
0x8baa9c _AIL_open_3D_provider@4
0x8baaa0 _AIL_3D_sample_volume@4
0x8baaa4 _AIL_close_digital_driver@4
SpeedTreeRT.dll
0x8ba454 ?SetTextureFlip@CSpeedTreeRT@@SAX_N@Z
0x8ba458 ?GetTextures@CSpeedTreeRT@@QBEXAAUSTextures@1@@Z
0x8ba45c ?GetGeometry@CSpeedTreeRT@@QAEXAAUSGeometry@1@KFFF@Z
0x8ba460 ?GetNumFrondLodLevels@CSpeedTreeRT@@QBEGXZ
0x8ba464 ?GetNumLeafLodLevels@CSpeedTreeRT@@QBEGXZ
0x8ba468 ?GetBoundingBox@CSpeedTreeRT@@QBEXPAM@Z
0x8ba46c ?SetLodLimits@CSpeedTreeRT@@QAEXMM@Z
0x8ba470 ?SetDropToBillboard@CSpeedTreeRT@@SAX_N@Z
0x8ba474 ?SetLodLevel@CSpeedTreeRT@@QAEXM@Z
0x8ba478 ?ComputeLodLevel@CSpeedTreeRT@@QAEXXZ
0x8ba47c ?SetFrondWindMethod@CSpeedTreeRT@@QAEXW4EWindMethod@1@@Z
0x8ba480 ?SetBranchWindMethod@CSpeedTreeRT@@QAEXW4EWindMethod@1@@Z
0x8ba484 ?SetLeafWindMethod@CSpeedTreeRT@@QAEXW4EWindMethod@1@@Z
0x8ba488 ?SetNumLeafRockingGroups@CSpeedTreeRT@@QAEXI@Z
0x8ba48c ?GetCollisionObjectCount@CSpeedTreeRT@@QAEIXZ
0x8ba490 ?GetCollisionObject@CSpeedTreeRT@@QAEXIAAW4ECollisionObjectType@1@PAM1@Z
0x8ba494 ?GetCurrentError@CSpeedTreeRT@@SAPBDXZ
0x8ba498 ?GetNumBranchLodLevels@CSpeedTreeRT@@QBEGXZ
0x8ba49c ?SetLocalMatrices@CSpeedTreeRT@@QAEXII@Z
0x8ba4a0 ?SetLeafRockingState@CSpeedTreeRT@@QAEX_N@Z
0x8ba4a4 ?GetFrondMaterial@CSpeedTreeRT@@QBEPBMXZ
0x8ba4a8 ?GetLeafMaterial@CSpeedTreeRT@@QBEPBMXZ
0x8ba4ac ?GetBranchMaterial@CSpeedTreeRT@@QBEPBMXZ
0x8ba4b0 ?GetLeafLightingAdjustment@CSpeedTreeRT@@QBEMXZ
0x8ba4b4 ?SetFrondLightingMethod@CSpeedTreeRT@@QAEXW4ELightingMethod@1@@Z
0x8ba4b8 ?SetLeafLightingMethod@CSpeedTreeRT@@QAEXW4ELightingMethod@1@@Z
0x8ba4bc ?SetBranchLightingMethod@CSpeedTreeRT@@QAEXW4ELightingMethod@1@@Z
0x8ba4c0 ?SetTreePosition@CSpeedTreeRT@@QAEXMMM@Z
0x8ba4c4 ?GetTreePosition@CSpeedTreeRT@@QBEPBMXZ
0x8ba4c8 ?SetTreeSize@CSpeedTreeRT@@QAEXMM@Z
0x8ba4cc ?GetTreeSize@CSpeedTreeRT@@QBEXAAM0@Z
0x8ba4d0 ?LoadTree@CSpeedTreeRT@@QAE_NPBEI@Z
0x8ba4d4 ?LoadTree@CSpeedTreeRT@@QAE_NPBD@Z
0x8ba4d8 ?DeleteTransientData@CSpeedTreeRT@@QAEXXZ
0x8ba4dc ?MakeInstance@CSpeedTreeRT@@QAEPAV1@XZ
0x8ba4e0 ?Compute@CSpeedTreeRT@@QAE_NPBMI_N@Z
0x8ba4e4 ??3CSpeedTreeRT@@SAXPAX@Z
0x8ba4e8 ??2CSpeedTreeRT@@SAPAXI@Z
0x8ba4ec ??1CSpeedTreeRT@@QAE@XZ
0x8ba4f0 ??0CSpeedTreeRT@@QAE@XZ
0x8ba4f4 ??1STextures@CSpeedTreeRT@@QAE@XZ
0x8ba4f8 ??0STextures@CSpeedTreeRT@@QAE@XZ
0x8ba4fc ??1SGeometry@CSpeedTreeRT@@QAE@XZ
0x8ba500 ??0SGeometry@CSpeedTreeRT@@QAE@XZ
0x8ba504 ?SetCamera@CSpeedTreeRT@@SAXPBM0@Z
0x8ba508 ?SetLightAttributes@CSpeedTreeRT@@SAXIPBM@Z
0x8ba50c ?SetLightState@CSpeedTreeRT@@SAXI_N@Z
0x8ba510 ?SetNumWindMatrices@CSpeedTreeRT@@SAXI@Z
0x8ba514 ?SetWindStrength@CSpeedTreeRT@@QAEMMMM@Z
0x8ba518 ?SetTime@CSpeedTreeRT@@SAXM@Z
DINPUT8.dll
0x8ba038 DirectInput8Create
WS2_32.dll
0x8ba664 send
0x8ba668 socket
0x8ba66c WSAGetLastError
0x8ba670 WSAStartup
0x8ba674 __WSAFDIsSet
0x8ba678 htonl
0x8ba67c select
0x8ba680 ntohl
0x8ba684 ntohs
0x8ba688 gethostname
0x8ba68c inet_addr
0x8ba690 inet_ntoa
0x8ba694 gethostbyname
0x8ba698 recv
0x8ba69c ioctlsocket
0x8ba6a0 connect
0x8ba6a4 htons
0x8ba6a8 closesocket
0x8ba6ac WSACleanup
DDRAW.dll
0x8ba030 DirectDrawCreate
libcef.dll
0x8ba7cc cef_post_data_create
0x8ba7d0 cef_response_create
0x8ba7d4 cef_v8stack_trace_get_current
0x8ba7d8 cef_media_router_get_global
0x8ba7dc cef_cookie_manager_get_global_manager
0x8ba7e0 cef_stream_writer_create_for_handler
0x8ba7e4 cef_stream_writer_create_for_file
0x8ba7e8 cef_image_create
0x8ba7ec cef_list_value_create
0x8ba7f0 cef_urlrequest_create
0x8ba7f4 cef_process_message_create
0x8ba7f8 cef_request_create
0x8ba7fc cef_string_multimap_free
0x8ba800 cef_string_multimap_alloc
0x8ba804 cef_string_list_clear
0x8ba808 cef_create_context_shared
0x8ba80c cef_request_context_create_context
0x8ba810 cef_request_context_get_global_context
0x8ba814 cef_drag_data_create
0x8ba818 cef_dictionary_value_create
0x8ba81c cef_v8value_create_function
0x8ba820 cef_v8value_create_array_buffer
0x8ba824 cef_v8value_create_array
0x8ba828 cef_v8value_create_object
0x8ba82c cef_v8value_create_string
0x8ba830 cef_v8value_create_date
0x8ba834 cef_v8value_create_double
0x8ba838 cef_v8value_create_uint
0x8ba83c cef_v8value_create_int
0x8ba840 cef_v8value_create_bool
0x8ba844 cef_v8value_create_null
0x8ba848 cef_v8value_create_undefined
0x8ba84c cef_task_runner_get_for_thread
0x8ba850 cef_task_runner_get_for_current_thread
0x8ba854 cef_string_multimap_append
0x8ba858 cef_string_multimap_value
0x8ba85c cef_menu_model_create
0x8ba860 cef_string_multimap_size
0x8ba864 cef_string_map_append
0x8ba868 cef_string_map_value
0x8ba86c cef_string_map_key
0x8ba870 cef_string_map_size
0x8ba874 cef_string_list_append
0x8ba878 cef_string_list_value
0x8ba87c cef_string_list_size
0x8ba880 cef_value_create
0x8ba884 cef_binary_value_create
0x8ba888 cef_browser_host_create_browser_sync
0x8ba88c cef_browser_host_create_browser
0x8ba890 cef_command_line_get_global
0x8ba894 cef_command_line_create
0x8ba898 cef_string_map_free
0x8ba89c cef_string_map_alloc
0x8ba8a0 cef_v8context_in_context
0x8ba8a4 cef_v8context_get_entered_context
0x8ba8a8 cef_v8context_get_current_context
0x8ba8ac cef_string_wide_to_utf8
0x8ba8b0 cef_log
0x8ba8b4 cef_api_hash
0x8ba8b8 cef_execute_java_script_with_user_gesture_for_tests
0x8ba8bc cef_register_widevine_cdm
0x8ba8c0 cef_is_web_plugin_unstable
0x8ba8c4 cef_register_web_plugin_crash
0x8ba8c8 cef_unregister_internal_web_plugin
0x8ba8cc cef_refresh_web_plugins
0x8ba8d0 cef_visit_web_plugin_info
0x8ba8d4 cef_now_from_system_trace_time
0x8ba8d8 cef_end_tracing
0x8ba8dc cef_begin_tracing
0x8ba8e0 cef_launch_process
0x8ba8e4 cef_get_path
0x8ba8e8 cef_write_json
0x8ba8ec cef_parse_jsonand_return_error
0x8ba8f0 cef_stream_reader_create_for_handler
0x8ba8f4 cef_print_settings_create
0x8ba8f8 cef_post_data_element_create
0x8ba8fc cef_stream_reader_create_for_file
0x8ba900 cef_string_multimap_key
0x8ba904 cef_base64decode
0x8ba908 cef_string_ascii_to_utf16
0x8ba90c cef_string_utf16_cmp
0x8ba910 cef_string_utf16_to_utf8
0x8ba914 cef_string_utf8_clear
0x8ba918 cef_string_utf16_clear
0x8ba91c cef_string_utf8_to_utf16
0x8ba920 cef_parse_json_buffer
0x8ba924 cef_base64encode
0x8ba928 cef_get_extensions_for_mime_type
0x8ba92c cef_uriencode
0x8ba930 cef_get_mime_type
0x8ba934 cef_format_url_for_security_display
0x8ba938 cef_create_url
0x8ba93c cef_parse_url
0x8ba940 cef_clear_cross_origin_whitelist
0x8ba944 cef_remove_cross_origin_whitelist_entry
0x8ba948 cef_add_cross_origin_whitelist_entry
0x8ba94c cef_load_crlsets_file
0x8ba950 cef_zip_directory
0x8ba954 cef_delete_file
0x8ba958 cef_directory_exists
0x8ba95c cef_create_temp_directory_in_directory
0x8ba960 cef_create_new_temp_directory
0x8ba964 cef_get_temp_directory
0x8ba968 cef_create_directory
0x8ba96c cef_set_crash_key_value
0x8ba970 cef_crash_reporting_enabled
0x8ba974 cef_enable_highdpi_support
0x8ba978 cef_set_osmodal_loop
0x8ba97c cef_quit_message_loop
0x8ba980 cef_run_message_loop
0x8ba984 cef_do_message_loop_work
0x8ba988 cef_shutdown
0x8ba98c cef_initialize
0x8ba990 cef_execute_process
0x8ba994 cef_clear_scheme_handler_factories
0x8ba998 cef_register_scheme_handler_factory
0x8ba99c cef_register_extension
0x8ba9a0 cef_post_delayed_task
0x8ba9a4 cef_post_task
0x8ba9a8 cef_currently_on
0x8ba9ac cef_is_cert_status_error
0x8ba9b0 cef_string_list_free
0x8ba9b4 cef_string_list_alloc
0x8ba9b8 cef_string_userfree_utf16_free
0x8ba9bc cef_string_utf16_set
0x8ba9c0 cef_stream_reader_create_for_data
0x8ba9c4 cef_uridecode
0x8ba9c8 cef_parse_json
OLEAUT32.dll
0x8ba438 VariantClear
0x8ba43c SysFreeString

EAT(Export Address Table) is none

Report - Metin2Release.exe

Signature (4cnts)

Rules (7cnts)

Network (0cnts) ?

Suricata ids

PE API

Similarity measure (PE file only) - Checking for service failure