2024-05-01_bcfe3b5e497f1b7f2363c666a6765490_avoslocker

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-01_bcfe3b5e497f1b7f2363c666a6765490_avoslocker
Size

3.5MB
MD5

bcfe3b5e497f1b7f2363c666a6765490
SHA1

66070283f91d79a83bf22d5ebcc362e8da2fda69
SHA256

435e0102bc175f0d55ecd6f6bcd074dffa578bbb7723f39436a4bbb5b9b7f4a9
SHA512

d41f973a01d1f6b05ce91f1acc7a87e71d6238fb880344801fe485cea44e25d05b19e9b68d5e978a80ac7fa7d44e4a73de720261db870378d4a4094b9c29639a
SSDEEP

98304:sNkxOBodeDZgtmgIm3z6N+LqtG/GfmeZQKHiFLOAkGkzdnEVomFHKnPR:sNkxhEZK/GfmpFLOyomFHKnPR

Score

1^/10

Malware Config

Signatures

Files

2024-05-01_bcfe3b5e497f1b7f2363c666a6765490_avoslocker
.exe windows:6 windows x86 arch:x86

0ff6bdd46806dec8e10cbb81b716e5ad

Code Sign

4e:91:77:14:aa:42:b2:aa:42:81:d1:e4:44:d1:7f:ca
Certificate

Issuer

CN=AmgApp,1.2.840.113549.1.9.1=#0c0f64697240616d696e6770702e636f6d

Not Before

21-06-2020 21:00

Not After

22-06-2021 21:00

Subject

CN=AmgApp,1.2.840.113549.1.9.1=#0c0f64697240616d696e6770702e636f6d

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-10-2020 00:00

Not After

22-01-2032 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CompareStringA
FreeLibrary
EnumSystemLocalesW
FreeResource
UnhandledExceptionFilter
VirtualProtect
GetPrivateProfileIntA
GetEnvironmentStringsW
GetWindowsDirectoryA
FileTimeToLocalFileTime
FlushFileBuffers
GetModuleHandleW
GetTickCount64
ReadFile
GetCurrentThread
HeapAlloc
FindResourceA
IsValidCodePage
GlobalSize
ExitThread
GetOEMCP
SetLastError
FindNextFileW
GetUserDefaultUILanguage
HeapQueryInformation
SizeofResource
ResumeThread
CopyFileA
GetTickCount
FileTimeToSystemTime
WaitForSingleObject
GetCommandLineA
LocalFree
VirtualQuery
EncodePointer
FormatMessageA
GetConsoleOutputCP
HeapSize
lstrcmpA
FindFirstFileA
GetSystemDirectoryW
lstrcmpiA
TlsAlloc
GlobalDeleteAtom
VirtualAlloc
GetTempPathA
DecodePointer
CreateFileA
FreeLibraryAndExitThread
CreateFileW
SetErrorMode
GetConsoleMode
VerSetConditionMask
GetLastError
RtlUnwind
GetStartupInfoW
GetTempFileNameA
SearchPathA
InitializeCriticalSectionEx
GlobalReAlloc
GetFileType
DuplicateHandle
HeapFree
CreateEventW
lstrcmpW
MultiByteToWideChar
GlobalFindAtomA
OutputDebugStringW
SystemTimeToTzSpecificLocalTime
GetCommandLineW
GetProcAddress
SetEvent
DeleteFileA
WritePrivateProfileStringA
SetThreadPriority
IsDebuggerPresent
QueryPerformanceFrequency
GlobalHandle
CloseHandle
CreateEventA
FindClose
LockFile
GlobalFlags
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalAlloc
LocalReAlloc
GetSystemDefaultUILanguage
MulDiv
LeaveCriticalSection
FindFirstFileExW
GetFileTime
HeapReAlloc
GlobalLock
LCMapStringW
SetFilePointerEx
GetCPInfo
GetCurrentThreadId
GetVersionExA
GetModuleHandleExW
OutputDebugStringA
GetUserDefaultLCID
FindResourceW
TlsSetValue
GlobalFree
TerminateProcess
GetFullPathNameA
SetFilePointer
TlsGetValue
FreeEnvironmentStringsW
GetLocaleInfoW
InitializeSListHead
GetPrivateProfileStringA
lstrcpyA
GlobalAddAtomA
GetModuleFileNameW
UnlockFile
CreateThread
GetFileAttributesExA
LoadResource
TlsFree
WideCharToMultiByte
RaiseException
GlobalUnlock
GetTimeZoneInformation
GetFileSize
GetCurrentProcess
GetCurrentDirectoryA
SetUnhandledExceptionFilter
GetACP
GetSystemInfo
WaitForSingleObjectEx
EnterCriticalSection
GetFileAttributesA
Sleep
GetFileSizeEx
IsValidLocale
GetModuleFileNameA
GetSystemTimeAsFileTime
ExitProcess
LocalAlloc
DeleteCriticalSection
GetProcessHeap
GetVolumeInformationA
GetProfileIntA
GetCurrentProcessId
VerifyVersionInfoA
LCMapStringEx
GetModuleHandleA
InitializeCriticalSection
FindResourceExW
SetEnvironmentVariableW
WriteConsoleW
GlobalGetAtomNameA
SetEndOfFile
IsProcessorFeaturePresent
LoadLibraryExW
QueryPerformanceCounter
LoadLibraryW
LockResource
SetStdHandle
GetStdHandle
ResetEvent
WriteFile
DeleteFileW
GetStringTypeW

user32

DefFrameProcA
EnumWindows
GetIconInfo
GetForegroundWindow
GetWindowDC
LoadAcceleratorsA
DeleteMenu
SetCapture
ReleaseCapture
GetActiveWindow
IntersectRect
IsWindow
DestroyMenu
PostThreadMessageA
GetLastActivePopup
GetScrollRange
IsRectEmpty
MapVirtualKeyExA
HideCaret
ReuseDDElParam
SetPropA
BeginDeferWindowPos
GrayStringA
IsClipboardFormatAvailable
MoveWindow
WaitMessage
GetDlgCtrlID
GetWindowThreadProcessId
GetAsyncKeyState
SetScrollRange
DrawIconEx
EqualRect
GetMenu
SetMenuItemInfoA
CreateAcceleratorTableA
WinHelpA
MonitorFromPoint
ScreenToClient
GetNextDlgGroupItem
DrawMenuBar
GetClassNameA
EnableScrollBar
UnhookWindowsHookEx
IsZoomed
RegisterClassA
KillTimer
GetMessagePos
SetScrollInfo
DrawTextExA
DispatchMessageA
GetScrollPos
DestroyIcon
ReleaseDC
GetComboBoxInfo
IsDialogMessageA
GetWindowPlacement
IsMenu
DeferWindowPos
GetKeyboardLayout
GetClientRect
LoadCursorA
EnableWindow
AppendMenuA
SetWindowTextA
MapVirtualKeyA
CloseClipboard
DrawIcon
UnpackDDElParam
GetSystemMenu
DefWindowProcA
SetForegroundWindow
SetMenu
DefMDIChildProcA
SetMenuDefaultItem
SendMessageA
SetWindowRgn
GetWindowLongW
EndPaint
GetMenuDefaultItem
CreatePopupMenu
SystemParametersInfoA
GetSubMenu
GetWindowTextW
SetClipboardData
GetMenuItemID
SetWindowPlacement
NotifyWinEvent
GetMenuState
LoadIconW
GetUpdateRect
LoadCursorW
DrawTextA
MapDialogRect
CopyAcceleratorTableA
SetActiveWindow
CreateMenu
MonitorFromWindow
CheckMenuItem
CopyRect
CreateDialogIndirectParamA
GetScrollInfo
DrawStateA
GetMenuItemInfoA
TrackPopupMenu
CharUpperBuffA
SetMenuItemBitmaps
UnionRect
SetCursorPos
UpdateLayeredWindow
TranslateMessage
InsertMenuItemA
SetRect
GetClassLongA
FillRect
EnableMenuItem
DrawEdge
GetTopWindow
IsCharLowerA
GetWindowTextA
TranslateAcceleratorA
SendDlgItemMessageA
LoadBitmapW
InvertRect
SetTimer
GetWindowLongA
DestroyAcceleratorTable
GetClassInfoA
RegisterWindowMessageA
CopyImage
LoadAcceleratorsW
SetWindowLongA
EndDeferWindowPos
GetFocus
PeekMessageA
GetClassInfoExA
GetSysColor
TabbedTextOutA
LoadImageA
GetDoubleClickTime
BeginPaint
GetMessageTime
GetCursorPos
ScrollWindow
IsChild
GetMenuStringA
DestroyWindow
LoadImageW
ShowWindow
IsWindowVisible
GetParent
OffsetRect
GetDC
DrawFocusRect
ToAsciiEx
SubtractRect
SetClassLongA
GetMonitorInfoA
PostMessageA
CheckDlgButton
MapWindowPoints
SetCursor
LoadMenuA
CopyIcon
LockWindowUpdate
GetSystemMetrics
ClientToScreen
GetKeyboardState
ValidateRect
TrackMouseEvent
SetFocus
InsertMenuA
CallWindowProcA
RegisterClipboardFormatA
CreateWindowExA
GetWindowRect
RemoveMenu
GetWindowRgn
MessageBoxW
RealChildWindowFromPoint
ModifyMenuA
InvalidateRect
LoadIconA
ShowScrollBar
SetRectEmpty
OpenClipboard
LoadMenuW
PtInRect
GetWindowTextLengthA
GetDlgItem
SetWindowsHookExA
GetNextDlgTabItem
UpdateWindow
CallNextHookEx
IsWindowEnabled
GetMenuCheckMarkDimensions
GetMessageA
EmptyClipboard
GetKeyNameTextA
IsIconic
GetWindow
ShowOwnedPopups
MessageBoxA
PostQuitMessage
CharUpperA
GetKeyState
WindowFromPoint
EndDialog
SetWindowPos
RedrawWindow
FrameRect
SetLayeredWindowAttributes
GetPropA
UnregisterClassA
GetDesktopWindow
SetScrollPos
InflateRect
EnumDisplayMonitors
DestroyCursor
BringWindowToTop
SetParent
TranslateMDISysAccel
AdjustWindowRectEx
RemovePropA
MessageBeep
DrawFrameControl
GetMenuItemCount
GetSysColorBrush
GetCapture

gdi32

ExtTextOutA
GetBkColor
PatBlt
ExtSelectClipRgn
GetTextFaceA
GetLayout
DeleteObject
CreateDCA
GetNearestPaletteIndex
FillRgn
Rectangle
TextOutA
SetPixel
RealizePalette
OffsetViewportOrgEx
GetWindowExtEx
DPtoLP
ExcludeClipRect
RectVisible
CreatePalette
CreateCompatibleDC
SetPaletteEntries
SetBkMode
GetTextMetricsA
Polygon
GetViewportExtEx
PtVisible
SetMapMode
GetClipBox
StretchBlt
CreateSolidBrush
GetPaletteEntries
CombineRgn
CreateDIBSection
OffsetWindowOrgEx
SetPolyFillMode
EnumFontFamiliesExA
SetWindowOrgEx
GetObjectType
CreatePatternBrush
GetRgnBox
CreateDIBitmap
ScaleViewportExtEx
CreateBitmap
SetRectRgn
CreateCompatibleBitmap
CreateHatchBrush
Polyline
CreateRoundRectRgn
GetTextExtentPoint32A
SaveDC
FrameRgn
LPtoDP
CreateEllipticRgn
Ellipse
BitBlt
SetBkColor
GetBoundsRect
CreatePolygonRgn
SetViewportExtEx
SetLayout
MoveToEx
SelectClipRgn
GetSystemPaletteEntries
GetPixel
SelectPalette
SetTextAlign
SetPixelV
SelectObject
CreateFontIndirectA
DeleteDC
GetDeviceCaps
CreateRectRgn
ExtFloodFill
RestoreDC
GetStockObject
CreatePen
PtInRegion
Escape
IntersectClipRect
ScaleWindowExtEx
LineTo
CopyMetaFileA
GetWindowOrgEx
GetTextColor
SetWindowExtEx
GetViewportOrgEx
SetROP2
GetObjectA
RoundRect
SetTextColor
CreateRectRgnIndirect
GetTextCharsetInfo
OffsetRgn
SetDIBColorTable
EnumFontFamiliesA
SetViewportOrgEx

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyExA

shell32

DragFinish
SHGetFileInfoA
ShellExecuteExW
SHGetSpecialFolderLocation
SHAppBarMessage
ShellExecuteA
CommandLineToArgvW
SHGetPathFromIDListA
DragQueryFileA
SHBrowseForFolderA
SHGetMalloc
SHGetDesktopFolder

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
StrFormatKBSizeA
PathFindExtensionA

uxtheme

DrawThemeText
GetCurrentThemeName
GetThemePartSize
IsAppThemed
GetWindowTheme
CloseThemeData
IsThemeBackgroundPartiallyTransparent
OpenThemeData
DrawThemeBackground
GetThemeSysColor
DrawThemeParentBackground
GetThemeColor

ole32

OleDuplicateData
CreateStreamOnHGlobal
CoTaskMemAlloc
OleDestroyMenuDescriptor
CoCreateInstance
IsAccelerator
CoUninitialize
DoDragDrop
RevokeDragDrop
CoTaskMemFree
CoCreateGuid
ReleaseStgMedium
OleGetClipboard
CoLockObjectExternal
CoInitialize
CoDisconnectObject
RegisterDragDrop
CoInitializeEx
OleLockRunning
OleCreateMenuDescriptor
OleTranslateAccelerator

oleaut32

VarBstrFromDate
VariantCopy
SystemTimeToVariantTime
LoadTypeLi
SysAllocString
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
OleLoadPicture
VariantTimeToSystemTime

gdiplus

GdipSetInterpolationMode
GdipBitmapUnlockBits
GdipCreateFromHDC
GdipDrawImageI
GdipGetImagePixelFormat
GdipCloneImage
GdipFree
GdipCreateBitmapFromHBITMAP
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDisposeImage
GdiplusShutdown
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipAlloc
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipGetImageGraphicsContext
GdipGetImageHeight
GdiplusStartup
GdipBitmapLockBits

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 339KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ff6bdd46806dec8e10cbb81b716e5ad

Code Sign

4e:91:77:14:aa:42:b2:aa:42:81:d1:e4:44:d1:7f:caCertificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 339KB - Virtual size: 338KB

.data Size: 21KB - Virtual size: 39KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 137KB - Virtual size: 136KB

4e:91:77:14:aa:42:b2:aa:42:81:d1:e4:44:d1:7f:ca
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 339KB - Virtual size: 338KB

.data
Size: 21KB - Virtual size: 39KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 137KB - Virtual size: 136KB