Static task
static1
Behavioral task
behavioral1
Sample
SonicMania.exe
Resource
win10-20220812-en
General
-
Target
SonicMania.exe
-
Size
45.8MB
-
MD5
55e317f9bfe2abdd24616eb9bf3caad8
-
SHA1
664756ed4ed8a1fbbfe08e3892d00aaba3d26338
-
SHA256
df36c9f04f76c9695938f3e7f92df6fb4ff6771debadaee5927f69cc16c1a0cf
-
SHA512
6c6d0ece2ce7348b0c091c4456deb557ab9688d7229b8b518e4f9488c288e8c0d2c609d6c404c1cde4e98dc340cd1ee81be8b496cf57c3f32dfff2712e06536b
-
SSDEEP
786432:BZeoiNNSne6GDe3inf3DUQsRBNWSHc7+FyCLBgKRJc:BZeoifSnIeSf3DUQsRBNk+0pKT
Malware Config
Signatures
Files
-
SonicMania.exe.exe windows x86
659783eae81e34c83623bc6f14566764
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
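Imports
Note: this is the static import table only. GetProcAddress and LoadLibraryA/LoadLibraryW/LoadLibraryExW are imported, so further APIs may be resolved at run time and would not appear here. Anti-debug, thread-context and memory-protection imports (IsDebuggerPresent, GetThreadContext/SetThreadContext, SuspendThread, VirtualProtect) are used by commercial anti-tamper and copy-protection layers as well as by malware. On their own they do not establish intent and should be corroborated against the behavioral task. No signature hits or extracted configuration are shown on this page.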
advapi32
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptGenRandom
CryptGetHashParam
CryptHashData
CryptImportKey
CryptReleaseContext
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
api-ms-win-crt-convert-l1-1-0
atof
atoi
strtol
strtoll
strtoul
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-filesystem-l1-1-0
_stat64
_fstat64
api-ms-win-crt-heap-l1-1-0
_callnewh
_set_new_mode
calloc
free
malloc
realloc
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-math-l1-1-0
_CIatan2
__setusermatherr
_except1
_libm_sse2_acos_precise
_libm_sse2_asin_precise
_libm_sse2_cos_precise
_libm_sse2_exp_precise
_libm_sse2_log_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
floor
ldexp
api-ms-win-crt-multibyte-l1-1-0
_mbsnbcpy
_mbspbrk
_mbschr
api-ms-win-crt-runtime-l1-1-0
__sys_nerr
_beginthreadex
_c_exit
_cexit
_configure_narrow_argv
_controlfp_s
_crt_atexit
_errno
_exit
_get_narrow_winmain_command_line
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_set_app_type
exit
strerror
terminate
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__p__commode
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf
_close
_lseeki64
_open
_read
_set_fmode
_write
fclose
feof
ferror
fflush
fgets
fopen
fputc
fputs
fread
freopen
fseek
ftell
fwrite
api-ms-win-crt-string-l1-1-0
_strdup
isalnum
isalpha
isdigit
isgraph
islower
isprint
isspace
isupper
isxdigit
strcpy_s
strncmp
strncpy
strpbrk
strtok
tolower
api-ms-win-crt-time-l1-1-0
_gmtime64
_gmtime64_s
_time32
_time64
strftime
api-ms-win-crt-utility-l1-1-0
rand
qsort
comctl32
ord17
crypt32
CertFreeCertificateContext
d3d9
Direct3DCreate9
gdi32
CreateFontIndirectA
DeleteObject
GetObjectA
GetStockObject
GetTextExtentPoint32W
SelectObject
SetTextColor
kernel32
AddVectoredExceptionHandler
AllocConsole
AttachConsole
CloseHandle
CreateDirectoryW
CreateEventA
CreateFileMappingA
CreateFileW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FormatMessageA
FreeConsole
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetThreadContext
GetTickCount64
GlobalAlloc
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InitializeCriticalSectionEx
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenProcess
OpenThread
OutputDebugStringA
PeekNamedPipe
Process32First
Process32Next
QueryFullProcessImageNameW
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
RemoveVectoredExceptionHandler
ResumeThread
SetEnvironmentVariableA
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepEx
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoA
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpiA
lstrcpyW
lstrlenA
lstrlenW
msvcp140
??0_Locinfo@std@@QAE@PBD@Z
??0codecvt_base@std@@QAE@I@Z
??1_Locinfo@std@@QAE@XZ
??1codecvt_base@std@@UAE@XZ
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??Bid@locale@std@@QAEIXZ
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?do_encoding@codecvt_base@std@@MBEHXZ
?do_max_length@codecvt_base@std@@MBEHXZ
ole32
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize
shell32
SHGetKnownFolderPath
ShellExecuteW
CommandLineToArgvW
shlwapi
PathFileExistsW
steam_api
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_Init
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RestartAppIfNecessary
SteamAPI_RunCallbacks
SteamAPI_Shutdown
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback
SteamInternal_ContextInit
SteamInternal_CreateInterface
user32
AdjustWindowRect
BeginPaint
CallWindowProcA
ClientToScreen
CloseClipboard
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyWindow
DispatchMessageA
EmptyClipboard
EnableWindow
EndPaint
GetAsyncKeyState
GetCapture
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetMessageA
GetMonitorInfoA
GetSystemMetrics
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
InvalidateRect
LoadCursorA
LoadIconA
MapVirtualKeyA
MessageBoxA
MessageBoxW
MonitorFromWindow
OpenClipboard
PeekMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExW
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetCapture
SetClipboardData
SetCursor
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowCursor
ShowWindow
TranslateMessage
UpdateWindow
wsprintfW
vcruntime140
_CxxThrowException
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
__std_terminate
_except_handler4_common
_purecall
memchr
memcpy
memmove
memset
strchr
strrchr
strstr
wininet
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetQueryOptionA
InternetReadFile
InternetSetOptionA
winmm
timeGetTime
wldap32
ord143
ord200
ord211
ord22
ord26
ord27
ord30
ord301
ord32
ord33
ord35
ord41
ord46
ord50
ord60
ord79
ws2_32
accept
ioctlsocket
WSAGetLastError
WSASetLastError
WSAStartup
WSACleanup
listen
ntohl
ntohs
__WSAFDIsSet
recv
recvfrom
select
send
bind
sendto
setsockopt
socket
closesocket
connect
getpeername
gethostname
getsockname
getsockopt
htonl
htons
WSAIoctl
freeaddrinfo
getaddrinfo
xinput9_1_0
XInputGetState
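Sections
Note: the section names and flags below do not match typical compiler output. .idata is 43.4MB and is marked as code with read, write and execute permissions. .code is 10KB on disk but has a 7.4MB virtual size and is writable. .text is only 4KB and lacks the execute flag. This layout is consistent with a packed or protected binary, so treat the import list above as incomplete and treat hashes or signatures of the on-disk image as describing the wrapper rather than the unpacked code.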
.xdata Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.xcode Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.code Size: 10KB - Virtual size: 7.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.trace Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.idata Size: 43.4MB - Virtual size: 43.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.srdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.arch Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xtext Size: 225KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ