SonED2[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

SonED2.exe
Size

540KB
MD5

dcb8a25253914d53f5e20499bae7851d
SHA1

d136e9eadd9d4e6ec044537e1b9ab54328f15dff
SHA256

269aabcba2a646940d9e1a473189c7c6800328d16f63ceab2d19ba9b42f5cd30
SHA512

a7cdf755a0872a35c904e52e07b0cb330d8edec6790d5db1a88337bb39dca3deb929bdd457982f433df1202d5a4d11aaa29c518af2fe033a5855e943eb9453da
SSDEEP

3072:3z3hwjfq1vexonO/3dFHlk8UiIcr/y3BvuBIhUIEmjkg17RbfFLeI6:tZ5oRBI6IEmjks7RbfFU

Score

1^/10

Malware Config

Signatures

Files

SonED2.exe
.exe windows x86

27683229ca59a1260243d4aa7d8a74a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetEnvironmentVariableA
GetLastError
QueryPerformanceCounter
GetCurrentThreadId
LoadResource
GetModuleFileNameA
SetEnvironmentVariableA
SetHandleCount
GetFileAttributesA
LoadLibraryA
GetVersion
GetDriveTypeA
GetEnvironmentStrings
GetCommandLineA
WriteFile
GetLogicalDrives
SetFilePointer
DeleteFileA
RtlUnwind
GetFileType
QueryPerformanceFrequency
LockResource
CreateProcessA
InitializeCriticalSection
GlobalMemoryStatus
ExitProcess
GetStdHandle
GetStartupInfoA
LeaveCriticalSection
FindClose
CloseHandle
EnterCriticalSection
GetProcAddress
FindFirstFileA
VirtualAlloc
UnhandledExceptionFilter
GetLocalTime
FindNextFileA
SetCurrentDirectoryA
SetConsoleCtrlHandler
GetFullPathNameA
FindResourceA
ReadFile
RaiseException
VirtualFree
CreateFileA
GetCurrentDirectoryA

gdi32

StretchBlt
SetTextColor
SetPixel
SelectObject
GetTextExtentPoint32A
GetPixel
GetObjectA
DeleteObject
DeleteDC
SetBkColor
CreateCompatibleDC
TextOutA

user32

UpdateWindow
UnregisterClassA
ShowWindow
ShowCursor
SetWindowTextA
SetWindowPos
SetWindowLongA
SetScrollRange
SetScrollPos
SetMenu
SetCursor
ReleaseDC
PostQuitMessage
PeekMessageA
ModifyMenuA
LoadImageA
LoadCursorA
GetWindowTextA
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetScrollPos
GetMessageA
GetMenu
GetDC
MessageBoxA
GetCursorPos
GetClientRect
GetAsyncKeyState
RegisterClassExA
EnumThreadWindows
EnableScrollBar
DispatchMessageA
SetRect
DefWindowProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
ClientToScreen
AppendMenuA
AdjustWindowRectEx
TranslateMessage

winmm

timeGetTime
timeBeginPeriod

comdlg32

GetSaveFileNameA
GetOpenFileNameA

ddraw

DirectDrawCreateEx

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 327KB - Virtual size: 25.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27683229ca59a1260243d4aa7d8a74a0

Headers

File Characteristics

Imports

kernel32

gdi32

user32

winmm

comdlg32

ddraw

Exports

Exports

Sections

CODE Size: 189KB - Virtual size: 192KB

DATA Size: 327KB - Virtual size: 25.5MB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 16KB

CODE
Size: 189KB - Virtual size: 192KB

DATA
Size: 327KB - Virtual size: 25.5MB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 16KB