SONICR[.]EXE | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SONICR.EXE
Size

1.2MB
MD5

f602973fa368c50c0d75373a98040aa6
SHA1

939b7decc787a2757f02689fa551f629c51886e4
SHA256

f52ea00b1b2cd613a1cf1e79175a1c9a3c8b368207737877e5bcd228390aad9d
SHA512

58b25f34037422b174e0a215b8aae5285ea9a7cdd0def3af3160bb1bf2dcc583ab0b4a5e0ca72099027b49d3ecbf9afb818ea5417f60cf0eea9270fff1f6fcb9
SSDEEP

24576:dqVRw4Eyl+rgQyX0+Leb85m2TT0SzJFf1ZJks:UVe4Eyl/0+LeIThvf1ZJks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SONICR.EXE

Files

SONICR.EXE
.exe windows:1 windows x86 arch:x86

ca38b2c76bf7c9ac224eb9e529332a46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegCloseKey
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

kernel32

CloseHandle
CreateEventA
CreateThread
GetDriveTypeA
GetExitCodeThread
GetModuleFileNameA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
OutputDebugStringA
ResetEvent
SetCurrentDirectoryA
SetEvent
TerminateThread
WaitForSingleObject
lstrcatA
lstrcpyA
lstrlenA
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteFileA
ExitProcess
ExitThread
GetCommandLineA
GetConsoleMode
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStdHandle
GetVersion
LoadLibraryA
ReadConsoleInputA
ReadFile
ReleaseMutex
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetEvent
SetFilePointer
SetStdHandle
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleA
WriteFile

gdi32

CreateFontA
DeleteObject
ExtTextOutA
GetPixel
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextExtentPointA
SelectObject
SetBkColor
SetBkMode
SetPixel
SetTextColor

user32

AdjustWindowRectEx
AppendMenuA
BeginPaint
ClientToScreen
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawMenuBar
EndDialog
EndPaint
GetClientRect
GetDC
GetMenu
GetMenuItemCount
GetMessageA
GetSystemMetrics
GetWindowLongA
GetWindowRect
LoadAcceleratorsA
LoadCursorA
LoadIconA
MessageBoxA
PeekMessageA
PostQuitMessage
RedrawWindow
RegisterClassA
ReleaseDC
SendMessageA
SetCursor
SetFocus
SetRect
SetWindowPos
SetWindowTextA
ShowCursor
ShowWindow
TranslateAcceleratorA
TranslateMessage
UpdateWindow
WaitMessage
GetActiveWindow
wsprintfA

winmm

mciSendCommandA
mmioAdvance
mmioAscend
mmioClose
mmioCreateChunk
mmioDescend
mmioGetInfo
mmioOpenA
mmioRead
mmioSeek
mmioSetInfo
mmioWrite
timeGetTime

dsound

DirectSoundCreate
DirectSoundEnumerateA

dplayx

ord4

dinput

DirectInputCreateA

ddraw

DirectDrawCreate
DirectDrawEnumerateA

Sections

BEGTEXT
Size: 875KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 274KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4.1MB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 76KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca38b2c76bf7c9ac224eb9e529332a46

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

gdi32

user32

winmm

dsound

dplayx

dinput

ddraw

Sections

BEGTEXT Size: 875KB - Virtual size:

DGROUP Size: 274KB - Virtual size:

.bss Size: 4.1MB - Virtual size:

.idata Size: 4KB - Virtual size:

.reloc Size: 76KB - Virtual size:

.rsrc Size: 3KB - Virtual size:

BEGTEXT
Size: 875KB - Virtual size:

DGROUP
Size: 274KB - Virtual size:

.bss
Size: 4.1MB - Virtual size:

.idata
Size: 4KB - Virtual size:

.reloc
Size: 76KB - Virtual size:

.rsrc
Size: 3KB - Virtual size: