2024-05-04_15123fd07c4ee654d0828f4781ebb54f_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-04_15123fd07c4ee654d0828f4781ebb54f_avoslocker
Size

2.0MB
MD5

15123fd07c4ee654d0828f4781ebb54f
SHA1

7b7e44c0461a28212ae00b6c3f3f7f0066168d14
SHA256

6460fdca3ba3362add7a8af7ed0308fcc331ad90069aa57caebbb5f7830c4050
SHA512

4b588afbca6f22a540ed1de337d55f515e5c7ef597b076c26abe02aa5ee68f9ed683341a89019212542588a7443eccfd0418656adc09f6ed82e0f2499fe0867c
SSDEEP

49152:LJyHhJjJoxXdp4hyWnVKp+A5KA7Mhi5KSUPYHGdkap6tkhH8mH:LJyHhJGx32yMVKp+A5KzYUSUPYHokapH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-04_15123fd07c4ee654d0828f4781ebb54f_avoslocker

Files

2024-05-04_15123fd07c4ee654d0828f4781ebb54f_avoslocker
.exe windows:6 windows x86 arch:x86

1e7eca4588790cb75d972a5662263734

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\apreltech\Sib\Sibl\Release\SibJS.pdb

Imports

kernel32

GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetStdHandle
ExitProcess
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
GetSystemInfo
GetCommandLineW
GetCommandLineA
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
CreateThread
SetEnvironmentVariableW
GetFileType
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringEx
LCMapStringW
lstrlenW
MoveFileExW
FindNextFileW
RemoveDirectoryW
CreateDirectoryW
RaiseException
OutputDebugStringW
FreeEnvironmentStringsW
WriteConsoleW
FreeLibrary
GetProcAddress
LoadResource
LockResource
SizeofResource
FindResourceW
LoadLibraryW
MultiByteToWideChar
Sleep
GetModuleFileNameW
WideCharToMultiByte
CreateFileW
GetFileAttributesW
ReadFile
SetFilePointer
CloseHandle
ExpandEnvironmentStringsW
DeleteFileW
GetTempFileNameW
GetTempPathW
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionEx
GetCurrentProcess
GetCurrentThread
VirtualAlloc
VirtualFree
GetModuleHandleW
LocalFree
FormatMessageW
lstrcpynW
ExitThread
MulDiv
SetCurrentDirectoryW
SetFileAttributesW
SetFileTime
DuplicateHandle
WaitForSingleObject
CopyFileW
GlobalAlloc
GlobalFree
lstrcpyW
SetConsoleOutputCP
DecodePointer
HeapReAlloc
HeapSize
GetLastError
DeleteCriticalSection
SetLastError
GlobalSize
GlobalUnlock
GlobalLock
lstrcmpA
FindClose
FindFirstFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
WriteFile
OutputDebugStringA
GetModuleHandleA
LoadLibraryExW
LoadLibraryA
lstrcmpiW
GetCurrentProcessId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalGetAtomNameW
FileTimeToSystemTime
GetCurrentThreadId
SetThreadPriority
ResumeThread
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GlobalAddAtomW
GlobalFlags
lstrcmpW
EncodePointer
GetSystemDirectoryW
GlobalDeleteAtom
GlobalFindAtomW
GetVersionExW
GetLocaleInfoW
GetUserDefaultUILanguage
VirtualProtect
GetCurrentDirectoryW
FindResourceExW
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTickCount64
GetProfileIntW
SearchPathW
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead

user32

NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CopyImage
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
IntersectRect
InflateRect
PostQuitMessage
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropW
GetPropW
CreatePopupMenu
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
SendMessageW
PostThreadMessageW
IsWindowEnabled
MessageBoxW
IsChild
LoadAcceleratorsW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
GetMenuDefaultItem
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
SetClassLongW
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
SetPropW
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
UnhookWindowsHookEx
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
LoadCursorW
GetWindowTextW
GetWindowTextLengthW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetSystemMetrics
GetCursorPos
SetWindowsHookExW
CallNextHookEx
DestroyIcon
GetDlgCtrlID
GetFocus
SetWindowTextW
GetWindowRect
ClientToScreen
PtInRect
GetDesktopWindow
GetClassNameW
GetWindow
RealChildWindowFromPoint
SetFocus
SetScrollPos
GetScrollPos
IsWindow
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
CheckDlgButton
SetWindowLongW
IsDialogMessageW
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
MonitorFromPoint
TranslateAcceleratorW
InsertMenuItemW
IsMenu
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
wsprintfW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
CharUpperW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
EnableWindow
DefFrameProcW

gdi32

GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
GetTextMetricsW
GetTextExtentPoint32W
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CreateFontIndirectW
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
DeleteObject
DeleteDC
GetDeviceCaps
CreateDCW
CopyMetaFileW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

OpenThreadToken
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
GetTokenInformation
GetLengthSid
CopySid
OpenProcessToken

shell32

SHGetFolderPathW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsUNCW

uxtheme

GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoUninitialize

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantInit
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayDestroy
SysFreeString
SysAllocString
VarBstrFromDate
VariantCopy
VariantChangeType
LoadTypeLi
SysAllocStringLen
SysStringLen

rpcrt4

UuidCreate
UuidToStringW
RpcStringFreeW

gdiplus

GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipBitmapLockBits

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e7eca4588790cb75d972a5662263734

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

rpcrt4

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 334KB - Virtual size: 334KB

.data Size: 23KB - Virtual size: 40KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 136KB - Virtual size: 136KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 334KB - Virtual size: 334KB

.data
Size: 23KB - Virtual size: 40KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 136KB - Virtual size: 136KB