2024-04-30_d98d35dbededd38a05d78423573f9474_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-30_d98d35dbededd38a05d78423573f9474_avoslocker
Size

7.8MB
MD5

d98d35dbededd38a05d78423573f9474
SHA1

9f53f12fb0b932a739bcc6e624c62d13b8f60c2e
SHA256

6e2aa7a11db1c2d41348580d3cb2cf935dbfa2ccca5632ec6f1baf180bd908d7
SHA512

abb329881f4acbcd65bccad07968e1ed1e7f4820e8f98edaeedb02d60455adb3ca1392799c200f02084a41c6951e0149d4887859a24f24f89228e7c897be8468
SSDEEP

196608:zSUEJOWt8EeYQlHJsv6tWKFdu9CR6u7m:zHlHJsv6tWKFdu9CRTa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-30_d98d35dbededd38a05d78423573f9474_avoslocker

Files

2024-04-30_d98d35dbededd38a05d78423573f9474_avoslocker
.exe windows:6 windows x86 arch:x86

263fc347c3cdbb1fa4fbfae2ffb8e9e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dwmapi

DwmEnableBlurBehindWindow
DwmIsCompositionEnabled

imm32

ImmGetVirtualKey
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmAssociateContext
ImmGetDefaultIMEWnd
ImmReleaseContext
ImmSetCandidateWindow
ImmAssociateContextEx
ImmNotifyIME
ImmGetContext

netapi32

NetApiBufferFree
NetShareEnum

userenv

GetUserProfileDirectoryW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

timeKillEvent
timeSetEvent

ws2_32

WSAAsyncSelect

kernel32

SetThreadPriority
ResumeThread
TerminateThread
GetModuleHandleW
GetModuleFileNameW
GetStartupInfoW
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
DeviceIoControl
GetVolumePathNamesForVolumeNameW
FindFirstFileW
FindClose
GetFullPathNameW
GetFileInformationByHandle
GetFileInformationByHandleEx
SetFileTime
SetErrorMode
GetLogicalDrives
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
GetTempPathW
GetCurrentDirectoryW
CopyFileW
MoveFileW
MoveFileExW
DeleteFileW
FileTimeToSystemTime
FlushFileBuffers
SetFilePointerEx
ReadFile
WriteFile
GetFileType
SetEndOfFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
RegisterWaitForSingleObject
UnregisterWaitEx
FormatMessageW
GetSystemDirectoryW
LoadLibraryW
CancelIoEx
ReadFileEx
PeekNamedPipe
SleepEx
WriteFileEx
GetCurrencyFormatW
GetDateFormatW
LCMapStringW
GetLocaleInfoW
GetUserPreferredUILanguages
MultiByteToWideChar
WideCharToMultiByte
FindFirstChangeNotificationW
FindCloseChangeNotification
FindNextChangeNotification
FindFirstFileExW
FindNextFileW
GetModuleHandleExW
FreeLibrary
OpenProcess
LoadLibraryA
GetTimeZoneInformation
GetUserGeoID
GetGeoInfoW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
VirtualFree
VirtualAlloc
CreateMutexW
ReleaseMutex
CheckRemoteDebuggerPresent
GlobalAlloc
GlobalLock
GlobalUnlock
ExpandEnvironmentStringsW
GetSystemInfo
GetUserDefaultLangID
LocalAlloc
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
SetLastError
EncodePointer
LoadLibraryExW
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
SetStdHandle
SetFileAttributesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
HeapFree
HeapAlloc
IsValidLocale
EnumSystemLocalesW
DecodePointer
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetEnvironmentVariableW
GetFileSizeEx
GetStringTypeW
GetProcessHeap
HeapSize
WriteConsoleW
WaitForMultipleObjects
CreateThread
GetCurrentThreadId
GetSystemTime
GetLocalTime
SetEvent
CreateEventW
GetTickCount64
QueryPerformanceCounter
QueryPerformanceFrequency
GetExitCodeProcess
TlsGetValue
WaitForSingleObject
WaitForSingleObjectEx
TerminateProcess
CreateProcessW
SetFilePointer
DuplicateHandle
GetCurrentProcess
GetStdHandle
ConnectNamedPipe
CreateNamedPipeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetProcAddress
OutputDebugStringW
GetFileAttributesExW
GetLastError
CreateFileW
CloseHandle
GetCommandLineW
GetCurrentProcessId
LocalFree
GetUserDefaultLCID
CompareStringW
GetConsoleWindow
GetDriveTypeW
GetLongPathNameW
GetVolumeInformationW
Sleep
GetModuleFileNameA
TlsSetValue
TlsFree
TlsAlloc
SwitchToThread
ResetEvent
GetCurrentThread
GlobalSize
GetThreadPriority
GetTimeFormatW

user32

IsTouchWindow
AdjustWindowRectEx
GetCursorPos
LoadImageW
GetSysColorBrush
GetClientRect
GetKeyboardLayoutList
GetClassInfoW
RegisterClassExW
ChildWindowFromPointEx
GetFocus
ChangeClipboardChain
IsHungAppWindow
SetClipboardViewer
FindWindowA
RegisterWindowMessageW
ShowCaret
DestroyCaret
IsWindowEnabled
GetKeyboardLayout
CreateCaret
SetCaretPos
GetMonitorInfoW
EnumDisplayMonitors
MonitorFromWindow
ToAscii
IsZoomed
TrackPopupMenuEx
ToUnicode
SetMenuItemInfoW
GetKeyboardState
GetMenu
MapVirtualKeyW
GetKeyState
LoadIconW
CreateMenu
AppendMenuW
RemoveMenu
InsertMenuW
DrawMenuBar
DestroyMenu
SetMenu
TrackPopupMenu
CreatePopupMenu
ModifyMenuW
GetMenuItemInfoW
RegisterClipboardFormatW
GetClipboardFormatNameW
SetCursorPos
LoadCursorW
CreateCursor
CreateIconIndirect
GetCursorInfo
GetCursor
GetWindowRect
TrackMouseEvent
GetAsyncKeyState
GetTouchInputInfo
CloseTouchInputHandle
GetMessageExtraInfo
GetWindowTextW
RealGetWindowClassW
ChangeWindowMessageFilterEx
AttachThreadInput
GetForegroundWindow
MoveWindow
UnregisterTouchWindow
SetLayeredWindowAttributes
SetFocus
GetUpdateRect
SetParent
SetCapture
SetCursor
FlashWindowEx
UpdateLayeredWindow
GetParent
ReleaseCapture
SetForegroundWindow
InvalidateRect
GetAncestor
IsIconic
BeginPaint
EndPaint
MessageBeep
IsWindow
GetDoubleClickTime
GetCaretBlinkTime
GetDesktopWindow
UpdateLayeredWindowIndirect
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjectsEx
UnhookWindowsHookEx
SetWindowsHookExW
SetWindowLongW
CreateWindowExW
UnregisterClassW
RegisterClassW
CallNextHookEx
SetTimer
GetQueueStatus
DefWindowProcW
PeekMessageW
GetWindowLongW
KillTimer
DestroyWindow
RegisterDeviceNotificationW
UnregisterDeviceNotification
CharNextExA
IsWindowVisible
SetWindowPos
SetWindowRgn
ScreenToClient
SendMessageW
SetWindowTextW
GetWindowPlacement
DestroyCursor
ShowWindow
GetCapture
DestroyIcon
RegisterTouchWindow
ClientToScreen
IsChild
GetIconInfo
PostThreadMessageW
EnumWindows
PostMessageW
GetWindowThreadProcessId
MessageBoxW
SystemParametersInfoW
GetSystemMetrics
GetSysColor
EnableMenuItem
GetSystemMenu
SetWindowPlacement
GetDC
DrawIconEx
ReleaseDC

gdi32

DeleteDC
CreateBitmap
DescribePixelFormat
ChoosePixelFormat
SwapBuffers
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
GetObjectW
GetPixelFormat
CreateDIBSection
GdiFlush
CreateFontIndirectW
GetFontData
EnumFontFamiliesExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
AddFontResourceExW
RemoveFontResourceExW
GetStockObject
GetTextFaceW
GetOutlineTextMetricsW
GetTextExtentPoint32W
SetGraphicsMode
SetWorldTransform
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsI
GetCharABCWidthsW
SetTextColor
SetBkMode
SetTextAlign
ExtTextOutW
SetPixelFormat
GetDeviceCaps
OffsetRgn
CreateRectRgn
SelectClipRgn
DeleteObject
CombineRgn
CreateDCW
BitBlt
GetBitmapBits
GetDIBits

shell32

Shell_NotifyIconGetRect
Shell_NotifyIconW
SHCreateItemFromIDList
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
SHCreateItemFromParsingName
SHGetMalloc
ShellExecuteW
SHGetStockIconInfo
SHGetFileInfoW
ord727
SHGetKnownFolderPath
CommandLineToArgvW

ole32

CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoInitialize
CoUninitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleUninitialize
OleInitialize
OleSetClipboard
OleIsCurrentClipboard
OleGetClipboard
CoGetMalloc
ReleaseStgMedium
DoDragDrop
CoInitializeEx
StringFromGUID2
OleFlushClipboard

oleaut32

SafeArrayPutElement
SysAllocString
SafeArrayCreateVector

advapi32

DuplicateToken
RegQueryValueExW
RegCloseKey
SystemFunction036
FreeSid
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
BuildTrusteeWithSidW
RegOpenKeyExW
AllocateAndInitializeSid
GetNamedSecurityInfoW
LookupAccountSidW
MapGenericMask
AccessCheck
GetEffectiveRightsFromAclW
RegFlushKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyExW

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

263fc347c3cdbb1fa4fbfae2ffb8e9e9

Headers

DLL Characteristics

File Characteristics

Imports

dwmapi

imm32

netapi32

userenv

version

winmm

ws2_32

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 2.9MB - Virtual size: 2.9MB

.data Size: 88KB - Virtual size: 130KB

.qtmetad Size: 512B - Virtual size: 364B

.rsrc Size: 120KB - Virtual size: 120KB

.reloc Size: 179KB - Virtual size: 179KB

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 2.9MB - Virtual size: 2.9MB

.data
Size: 88KB - Virtual size: 130KB

.qtmetad
Size: 512B - Virtual size: 364B

.rsrc
Size: 120KB - Virtual size: 120KB

.reloc
Size: 179KB - Virtual size: 179KB