PDB path: E:\ctwow\wowdoor\src\CTWDoor\Release\CTWDoor.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-03_0143383faca89d9bc4e28b9405877871_avoslocker_metamorfo.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-03_0143383faca89d9bc4e28b9405877871_avoslocker_metamorfo.exe
  Resource: win10v2004-20240419-en
General
Target: 2024-05-03_0143383faca89d9bc4e28b9405877871_avoslocker_metamorfo
Size: 4.5MB
MD5: 0143383faca89d9bc4e28b9405877871
SHA1: 6388c3a8e7df4a3d3b3b58d5712dc2d4421848a3
SHA256: e04abc99202791c0fba61147b5be184c4a78c722ac1c56e07d9f36ac17729f06
SHA512: 8425739def23e5be48977d4460fca88cd2cc5f8e40c67f86b65912fae79be58414476e380654c8c94c6eb991f70dbeb5e26ee092b836be931cb15d529ce60cbb
SSDEEP: 98304:cZke1wQENeaQU+ixnc2wGJGv8PyzpL1FLOAkGkzdnEVomFHKnP:cZ3T3v8PyzpRFLOyomFHKnP
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2024-05-03_0143383faca89d9bc4e28b9405877871_avoslocker_metamorfo
Files
- 2024-05-03_0143383faca89d9bc4e28b9405877871_avoslocker_metamorfo.exe  windows:6 windows x86 arch:x86
  8845d60c12b93650f6e5693272b583a7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
LCMapStringW
CompareStringW
GetStringTypeW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetConsoleOutputCP
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
RtlUnwind
OutputDebugStringW
GetTimeZoneInformation
GetConsoleMode
ReadConsoleW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
SetFilePointerEx
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetTempFileNameA
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
Sleep
GetTickCount
FindResourceExW
SetErrorMode
GetTempPathA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
LocalAlloc
InitializeCriticalSectionAndSpinCount
GetThreadLocale
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
CreateFileA
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
WaitForSingleObject
SetEvent
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
GlobalUnlock
GlobalFree
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetVersionExA
GetCurrentThreadId
GetCurrentThread
SetLastError
OutputDebugStringA
GetProcessHeap
CreateMutexA
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
WritePrivateProfileStringA
RemoveDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
GetModuleFileNameA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CloseHandle
GetLastError
HeapQueryInformation
WriteConsoleW
user32
InvalidateRgn
CopyAcceleratorTableA
ReleaseCapture
SetCapture
CharNextA
GetAsyncKeyState
GetMenuItemInfoA
DestroyMenu
RealChildWindowFromPoint
DeleteMenu
CopyImage
CharUpperA
IntersectRect
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetCursorPos
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
EnumDisplayMonitors
SystemParametersInfoA
LoadCursorW
LoadCursorA
SetRectEmpty
SetLayeredWindowAttributes
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DrawIconEx
IsRectEmpty
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetNextDlgGroupItem
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
CopyIcon
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuA
FindWindowA
PostMessageA
GetClassInfoA
LoadIconW
SendMessageA
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
MessageBeep
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageA
LoadImageW
SetParent
MonitorFromPoint
TrackMouseEvent
IsZoomed
LoadMenuW
GetSystemMenu
DeferWindowPos
BeginDeferWindowPos
WindowFromPoint
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
EnableScrollBar
GetDoubleClickTime
DrawStateA
SetRect
SetTimer
GetWindowRect
SetWindowRgn
GetClientRect
IsIconic
GetSystemMetrics
DrawIcon
LoadBitmapW
OffsetRect
InvalidateRect
UpdateWindow
KillTimer
SetForegroundWindow
MapVirtualKeyA
EnableWindow
UnregisterClassA
PostQuitMessage
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetParent
GetWindowThreadProcessId
GetLastActivePopup
UnhookWindowsHookEx
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
DestroyAcceleratorTable
SetClassLongA
GetUpdateRect
GetIconInfo
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
GetWindowRgn
DestroyCursor
InvertRect
HideCaret
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
WaitMessage
PostThreadMessageA
IsClipboardFormatAvailable
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
CharUpperBuffA
SubtractRect
GetKeyNameTextA
RegisterClipboardFormatA
UpdateLayeredWindow
CreateAcceleratorTableA
LoadAcceleratorsW
EqualRect
gdi32
PatBlt
ExtTextOutA
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsA
CreateDIBitmap
CreateFontIndirectA
CreatePen
CreatePatternBrush
EnumFontFamiliesA
GetDeviceCaps
GetStockObject
GetTextCharsetInfo
CopyMetaFileA
CreateDCA
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
GetTextExtentPoint32A
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
SetTextColor
SetBkColor
DeleteDC
BitBlt
GetObjectA
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
CreateRoundRectRgn
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegEnumKeyA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHGetFileInfoA
SHAppBarMessage
ShellExecuteA
DragQueryFileA
DragFinish
SHGetMalloc
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
uxtheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
IsAppThemed
DrawThemeText
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
ole32
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleFlushClipboard
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoUninitialize
OleIsCurrentClipboard
DoDragDrop
CoCreateGuid
oleaut32
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
OleCreateFontIndirect
VariantCopy
VariantInit
VarBstrFromDate
SysAllocStringByteLen
SysStringLen
VariantClear
VariantChangeType
SysFreeString
SysAllocStringLen
oledlg
ord8
gdiplus
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePaletteSize
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipGetImageGraphicsContext
GdipAlloc
GdiplusShutdown
GdipGetImageWidth
GdipCreateBitmapFromStream
ws2_32
inet_ntoa
gethostbyname
WSACleanup
WSAStartup
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
InternetConnectA
HttpSendRequestA
HttpOpenRequestA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetCloseHandle
InternetOpenA
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
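The import table above is the raw material for two triage steps a practitioner takes before detonating anything: computing an import hash to pivot to related samples, and reading capability out of the API mix. The Python below is an added example, not part of the sandbox report or the sample's own code. It implements imphash normalisation the way pefile does it (lower-case `library.function`, with `.dll`/`.ocx`/`.sys` stripped but `.drv` kept, and ordinal imports written as `ordN` unless the library is ws2_32/wsock32/oleaut32, where an ordinal-to-name table is consulted) and runs it over a constructed import list; the partial ordinal table and the capability map are this example's own assumptions. When reading the hints, keep in mind that most of the user32/gdi32/ole32/oleaut32 imports listed are what a statically linked MFC GUI application pulls in, so the signals worth weighting are the wininet/ws2_32 network set, CreateMutexA, IsDebuggerPresent and VirtualProtect next to the FindResource/LoadResource/LockResource calls.

```python
import hashlib

# Partial ordinal -> export-name table, constructed for this example.
# pefile's imphash resolves ordinals only for ws2_32/wsock32 and oleaut32;
# any other ordinal import (such as this sample's "oledlg ord8") stays "ordN".
ORDINAL_NAMES = {
    "ws2_32": {12: "inet_ntoa", 52: "gethostbyname", 115: "WSAStartup", 116: "WSACleanup"},
    "wsock32": {12: "inet_ntoa", 52: "gethostbyname", 115: "WSAStartup", 116: "WSACleanup"},
    "oleaut32": {2: "SysAllocString", 6: "SysFreeString"},
}

# Capability map: an assumption of this example, chosen around the APIs this
# report lists; it is a hint generator, not a verdict.
CAPABILITY_HINTS = {
    "http-client": {"InternetOpenA", "InternetConnectA", "HttpOpenRequestA",
                    "HttpSendRequestA", "InternetReadFile"},
    "dns-socket": {"WSAStartup", "gethostbyname", "inet_ntoa"},
    "registry-write": {"RegCreateKeyExA", "RegSetValueExA", "RegDeleteValueA", "RegDeleteKeyA"},
    "anti-debug": {"IsDebuggerPresent", "OutputDebugStringA", "OutputDebugStringW"},
    "memory-protection-change": {"VirtualProtect", "VirtualAlloc"},
    "single-instance-mutex": {"CreateMutexA"},
    "embedded-resource-load": {"FindResourceA", "LoadResource", "LockResource", "SizeofResource"},
}


def normalize_library(dll: str) -> str:
    """Lower-case the library name and drop .dll/.ocx/.sys, exactly as pefile does.
    Other extensions survive, so "winspool.drv" stays "winspool.drv"."""
    name = dll.lower()
    base, dot, ext = name.rpartition(".")
    if dot and ext in ("dll", "ocx", "sys"):
        return base
    return name


def imphash_string(imports) -> str:
    """imports: iterable of (library, symbol); symbol is a str name or an int ordinal.
    Returns the comma-joined normalised list that gets hashed."""
    parts = []
    for dll, symbol in imports:
        lib = normalize_library(dll)
        if isinstance(symbol, int):
            resolved = ORDINAL_NAMES.get(lib, {}).get(symbol)
            func = resolved if resolved is not None else f"ord{symbol}"
        else:
            func = symbol
        parts.append(f"{lib}.{func.lower()}")
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 of the normalised import list; import order matters, as in pefile."""
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


def capability_hints(function_names) -> dict:
    """Group the imported function names that match the capability map."""
    names = set(function_names)
    return {cap: sorted(names & apis) for cap, apis in CAPABILITY_HINTS.items() if names & apis}


if __name__ == "__main__":
    # Constructed import list (a few entries from this report, plus one ordinal).
    sample = [("KERNEL32.dll", "CreateMutexA"), ("ws2_32.dll", 52),
              ("oledlg.dll", 8), ("winspool.drv", "OpenPrinterA")]
    print(imphash_string(sample))
    print(imphash(sample))
    print(capability_hints(["InternetOpenA", "HttpSendRequestA", "CreateMutexA",
                            "IsDebuggerPresent", "GetDC"]))
```

Two caveats when using this for pivoting: the hash depends on import order as written into the file, so two builds with the same API set but a different link order get different hashes, and a statically linked MFC binary shares most of its import table with every other MFC binary built by the same toolchain, so an imphash match here is a weaker pivot than it would be for a hand-written loader.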
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 325KB - Virtual size: 324KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 141KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
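The Headers, Signatures and Sections entries in this report all come from a handful of fixed fields in the PE header: Characteristics in the COFF file header, DllCharacteristics in the optional header, the IMAGE_DIRECTORY_ENTRY_SECURITY data directory (the "Unsigned PE" signature fires when its size is zero, meaning no embedded Authenticode blob), and the Characteristics field of each section header. As an added example that is not part of the report, the Python below reads those fields with `struct` alone, over a constructed minimal PE32 image built inline to mirror this sample's flags (DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE; .text read+execute, .data read+write; empty security directory). The builder, its section layout and the offsets it fills in are this example's own assumptions, not the real file's contents.

```python
import struct

FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def flag_names(value: int, table: dict) -> list:
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = 92, 96
    elif magic == 0x20B:      # PE32+: 8-byte stack/heap fields push these to +108 / +112
        ndirs_off, dirs_off = 108, 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_characteristics = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, opt + ndirs_off)[0]
    sec_off, sec_size = 0, 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a raw file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from("<II", data, opt + dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    hdr = opt + opt_size
    for i in range(nsections):
        name, vsize, vaddr, rawsize, rawptr, _, _, _, _, schar = struct.unpack_from("<8sIIIIIIHHI", data, hdr + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": rawsize,
            "flags": flag_names(schar, SECTION_FLAGS),
        })
    return {
        "machine": machine,
        "file_characteristics": flag_names(characteristics, FILE_CHARACTERISTICS),
        "dll_characteristics": flag_names(dll_characteristics, DLL_CHARACTERISTICS),
        # The "Unsigned PE" check: an empty security directory means no embedded Authenticode blob.
        "signed": sec_size != 0,
        "security_directory": (sec_off, sec_size),
        "sections": sections,
        "wx_sections": [s["name"] for s in sections
                        if "IMAGE_SCN_MEM_WRITE" in s["flags"] and "IMAGE_SCN_MEM_EXECUTE" in s["flags"]],
    }


def build_sample_pe(signed: bool = False) -> bytes:
    """Constructed minimal PE32 header carrying this report's flags; not the real sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                       # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, 224, 0x0002 | 0x0100)  # i386, 2 sections, EXE|32BIT
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                           # Subsystem: WINDOWS_GUI
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100 | 0x8000)    # DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE
    struct.pack_into("<I", opt, 92, 16)                          # NumberOfRvaAndSizes
    if signed:   # fake, non-empty security directory so the check can be exercised
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1800, 0x200)
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x1000, 0x400, 0, 0, 0, 0, 0x60000020)
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x0500, 0x2000, 0x0200, 0x1400, 0, 0, 0, 0, 0xC0000040)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + data


if __name__ == "__main__":
    for key, value in parse_pe(build_sample_pe()).items():
        print(f"{key}: {value}")
```

Two caveats belong with the `signed` field. An empty security directory only says there is no embedded signature; a binary can still be catalog-signed, and a non-empty directory is not evidence of a valid signature until the PKCS#7 blob is actually verified (`Get-AuthenticodeSignature` or `signtool verify`), which a static sandbox check does not do. The `wx_sections` list is a cheap hardening read: this sample's sections are cleanly split (.text execute without write, .data write without execute), which together with NX_COMPAT and DYNAMIC_BASE says the image was linked with the usual MSVC mitigations and nothing in the on-disk layout alone stands out as unpacked shellcode staging.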