@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo
Static task
static1
1 signatures
General
-
Target
SonED2.exe
-
Size
628KB
-
MD5
12d9e83c38e65b7c40e2401bb5945e67
-
SHA1
6b3fa7f00b5a47f0130d503cbba0491a4eaf6d73
-
SHA256
7a52f9059966591b2b298c65f17911792e29b26c8a2acfcf10c8239150708128
-
SHA512
048dc2d55d3f00c0d414171a7ee51274b90f977ce0e0293a4016d3eebbb5cc911f90dfa89ac57323a4280f6b68fe1d6c61f62c8eda3790423ac39a73a05a50b8
-
SSDEEP
6144:V7uqLksDlaGNCoJg0x/cigm+j/H3iXDWYsjFPKybhFp:V7uVS0GNfmi/cnr7H3KsoyVFp
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SonED2.exe
Files
-
SonED2.exe.exe windows x86
ac2214d163529f9ecc1dfb0cc390c443
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
CloseHandle
LoadResource
GetStartupInfoA
SetConsoleTextAttribute
GetNumberOfConsoleInputEvents
LeaveCriticalSection
GetVersion
GetCurrentDirectoryA
Sleep
GetLastError
RtlUnwind
RaiseException
GetEnvironmentVariableA
LoadLibraryA
GetDriveTypeA
GetCurrentThreadId
GetStdHandle
GetConsoleMode
GetModuleHandleA
GetModuleFileNameA
SetFilePointer
SetConsoleTitleA
SetConsoleMode
GetLocalTime
ReadFile
GetFileAttributesA
GetExitCodeProcess
PeekConsoleInputA
CreateDirectoryA
GetEnvironmentStrings
EnterCriticalSection
CreateProcessA
InitializeCriticalSection
GlobalMemoryStatus
GetProcAddress
DeleteFileA
ExitProcess
AllocConsole
FindClose
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FindFirstFileA
GetLogicalDrives
SetEnvironmentVariableA
SetCurrentDirectoryA
FindNextFileA
WaitForSingleObject
GetFullPathNameA
SetConsoleCtrlHandler
FindResourceA
GetFileType
SetHandleCount
ReadConsoleInputA
GetCommandLineA
QueryPerformanceFrequency
QueryPerformanceCounter
CreateFileA
WriteFile
LockResource
gdi32
TextOutA
StretchBlt
SetTextColor
SetPixel
SelectObject
GetTextExtentPoint32A
GetPixel
GetObjectA
DeleteObject
SetBkColor
DeleteDC
CreateCompatibleDC
user32
UnregisterClassA
TranslateMessage
ShowWindow
ShowCursor
SetWindowTextA
SetWindowLongA
SetScrollRange
SetScrollPos
SetRect
SetMenu
SetFocus
SetCursor
ReleaseDC
RegisterClassExA
PostQuitMessage
ModifyMenuA
MessageBoxA
LoadImageA
GetWindowTextA
GetWindowRect
GetWindowLongA
GetSystemMetrics
GetScrollPos
GetMessageA
GetMenu
GetDC
GetCursorPos
GetClientRect
GetAsyncKeyState
LoadCursorA
FindWindowA
EnumThreadWindows
EnableScrollBar
PeekMessageA
DispatchMessageA
DestroyWindow
DefWindowProcA
SendMessageA
CreateWindowExA
CreatePopupMenu
CreateMenu
ClientToScreen
BringWindowToTop
AppendMenuA
AdjustWindowRectEx
SetWindowPos
winmm
timeGetTime
timeBeginPeriod
comdlg32
GetSaveFileNameA
GetOpenFileNameA
ddraw
DirectDrawCreateEx
shell32
SHGetPathFromIDList
SHGetMalloc
SHBrowseForFolder
Exports
Exports
Sections
CODE Size: 257KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 343KB - Virtual size: 25.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 22KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ