Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature

Static task: static1

Behavioral task: behavioral1
Sample: 2024-04-27_e4f5c69da85d35a232e08d5a6044acad_avoslocker.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 2024-04-27_e4f5c69da85d35a232e08d5a6044acad_avoslocker.exe
Resource: win10v2004-20240419-en

Target: 2024-04-27_e4f5c69da85d35a232e08d5a6044acad_avoslocker
Size: 6.2MB
MD5: e4f5c69da85d35a232e08d5a6044acad
SHA1: eb65224deae130cee66f5d6d9358a72c4f16a31b
SHA256: 66b56a2ae416c8d3c5aea3ba7705523618496e2b9a5333ba677564603f36774b
SHA512: fa62978eb05d02de54366a52a9dd250e8b2dbee3bea8ebf2cda1aa47ca7e5dbeaa322c38df4647595a3a3ed3baa58cc9098f4ad9846837f6be63fec2e0037591
SSDEEP: 98304:CvNSjUZ6rr/G8At8dx8wwcv2DclG/vxqSy6Qyx:IGUgrrutt8dx8wwkPGqXyx
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
C:\ent-slave-root\workspace\VNCConnect\Builds\Clients\VNC_7.1.x\label\con-windows-64\bld32\RelWithDebInfo\odserver.pdb
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ