privateloader | 2024-05-02_10d6291d721dc4278324561b4cc477bd_avoslocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-02_10d6291d721dc4278324561b4cc477bd_avoslocker
Size

10.2MB
MD5

10d6291d721dc4278324561b4cc477bd
SHA1

33d863e1299743028f4b9b7266ecb30a11fadbd8
SHA256

7e79e1aafd982e8b3d8dd3c1b200ff769f6884a09e499db0bd492a51f3f05d03
SHA512

71302f1a54a85db3df75f358adfbbeec243ad868327727e6615db2d65ca44f1b01e607adcf34469afa803d6a37ad398bab00f472976651af817ea5e5d38c0db1
SSDEEP

196608:kI+AjEAPxOmKxAg94fLEgvI683e5h+eXqaIn9MJUh2d8JDR:k8gmKxLTc5weaVYqJDR

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-02_10d6291d721dc4278324561b4cc477bd_avoslocker

Files

2024-05-02_10d6291d721dc4278324561b4cc477bd_avoslocker
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 13.2MB - Virtual size: 13.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 810KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 857KB - Virtual size: 857KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ