C:\Users\Olaf\Documents\TaskviewManager\_Products\Release\Win32\CallRT.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-09_d1f7495c70147addad825d784533afc1_avoslocker.exe
Resource: win7-20240419-en
General
Target: 2024-05-09_d1f7495c70147addad825d784533afc1_avoslocker
Size: 8.3MB
MD5: d1f7495c70147addad825d784533afc1
SHA1: 8a9fcebaf30b07ea0b5591bb3924ff95b37783fd
SHA256: d513bd5b54098b4713f323eb8d8bc8d814061a7f042b613311a5c750f8896b2c
SHA512: fc6f41ec7374a0d54a3fae21611571423bdce04132c79067b32ed61e333204fad9e2a2c810227869f359e438b0e12938a5cd65881b614e419ed578de743ce98e
SSDEEP: 98304:XIukeWKrMRsi8ANzFsQQgXG52hrV1QFdofiQAFLOAkGkzdnEVomFHKnPb:XIly/TqV1QF3FLOyomFHKnPb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-09_d1f7495c70147addad825d784533afc1_avoslocker
Files
2024-05-09_d1f7495c70147addad825d784533afc1_avoslocker.exe windows:6 windows x86 arch:x86
531d833ded692f8093cce5bf0a674996
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
inet_addr
recv
send
connect
inet_pton
setsockopt
closesocket
bind
getsockname
socket
WSAStartup
sendto
htons
ntohs
accept
WSAGetLastError
recvfrom
getpeername
WSASetLastError
shutdown
InetPtonW
gethostbyname
listen
inet_ntop
getsockopt
ntohl
gethostname
WSACleanup
getnameinfo
iphlpapi
GetAdaptersInfo
kernel32
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetTempPathW
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
SetErrorMode
GetTempFileNameW
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
LCMapStringEx
SleepConditionVariableCS
LockFile
InitializeConditionVariable
QueryPerformanceFrequency
GetStringTypeW
GetExitCodeThread
lstrcmpiW
DuplicateHandle
WriteFile
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
ExitProcess
GetStdHandle
SetStdHandle
HeapQueryInformation
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
PeekNamedPipe
GetFileType
GetFileInformationByHandle
RtlUnwind
GetCPInfo
CompareStringEx
UnlockFile
SetFilePointer
SetEndOfFile
GetLocaleInfoEx
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
CloseHandle
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetFileSize
GetFileAttributesW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetThreadLocale
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
VerSetConditionMask
WritePrivateProfileStringW
lstrcpyW
GetCurrentThread
lstrcmpA
FileTimeToSystemTime
ResumeThread
K32GetModuleFileNameExW
OpenProcess
GetLastError
CreateDirectoryW
ReadFile
SetThreadPriority
GetVersionExW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
FreeLibrary
GetCurrentThreadId
EncodePointer
OutputDebugStringA
FormatMessageW
GlobalSize
GetDriveTypeW
ReadDirectoryChangesW
GetFileAttributesExW
LocalFree
LocalAlloc
GetDiskFreeSpaceExW
LCIDToLocaleName
CopyFileW
GetPrivateProfileIntW
GetCurrentProcessId
GetTickCount
CreateFileW
CreateMutexW
GetCommandLineW
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
GetLogicalDriveStringsW
SetEvent
GetExitCodeProcess
CreateProcessA
CreateEventW
FindClose
GlobalFree
GlobalAlloc
MulDiv
InitializeCriticalSectionEx
FindFirstFileW
FindNextFileW
GetPrivateProfileStringW
GlobalUnlock
GlobalLock
GetCurrentProcess
CreateToolhelp32Snapshot
Process32FirstW
TerminateProcess
Process32NextW
lstrlenW
GetVersion
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
DeleteFileW
GetModuleFileNameW
GetSystemDirectoryW
GetEnvironmentVariableW
GetCurrentDirectoryW
OutputDebugStringW
CreateThread
TerminateThread
WaitForSingleObject
SetLastError
Sleep
WakeConditionVariable
user32
ToUnicodeEx
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetParent
InvalidateRgn
CopyAcceleratorTableW
CharNextW
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
MessageBeep
DeleteMenu
CharUpperW
IsZoomed
TrackMouseEvent
EnableScrollBar
UpdateLayeredWindow
UnionRect
EmptyClipboard
SetClipboardData
RealChildWindowFromPoint
MonitorFromPoint
GetMenuItemInfoW
DestroyMenu
ShowOwnedPopups
EnumDisplayMonitors
LoadCursorW
SetLayeredWindowAttributes
GetSysColorBrush
SetWindowRgn
DrawFrameControl
MapDialogRect
SetWindowContextHelpId
WaitMessage
PostQuitMessage
SystemParametersInfoW
TranslateMessage
GetMessageW
MapVirtualKeyW
GetKeyNameTextW
IntersectRect
SendDlgItemMessageA
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DrawIconEx
CopyImage
LoadImageW
DestroyIcon
IsRectEmpty
OffsetRect
InflateRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
SetCursor
SetCapture
GetNextDlgGroupItem
DrawStateW
IsDialogMessageW
IsClipboardFormatAvailable
LoadAcceleratorsW
CheckDlgButton
MoveWindow
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
CreateWindowExW
GetDlgItem
GetDlgCtrlID
GetParent
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
UpdateWindow
SetMenu
GetCapture
SetFocus
SetWindowPlacement
DestroyWindow
IsChild
IsMenu
IsWindow
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
SetWindowLongW
CreateAcceleratorTableW
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
RemoveMenu
InsertMenuW
RegisterClipboardFormatW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
CharUpperBuffW
FrameRect
PostThreadMessageW
HideCaret
InvertRect
SubtractRect
ScreenToClient
GetSysColor
SetRect
EnumWindows
GetIconInfo
UnregisterClassW
LoadBitmapW
SetWindowTextW
GetMenu
GetWindowPlacement
ShowWindow
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetSystemMenu
AppendMenuW
GetFocus
IsIconic
DrawIcon
GetClassNameW
GetClassLongW
DrawEdge
RedrawWindow
TabbedTextOutW
DrawTextExW
GrayStringW
GetKeyState
GetKeyboardState
ToAscii
GetKeyNameTextA
GetKeyboardLayout
CallNextHookEx
GetClassNameA
SetWindowsHookExW
UnhookWindowsHookEx
SetWinEventHook
UnhookWinEvent
GetAsyncKeyState
keybd_event
GetWindowDC
BeginPaint
EndPaint
IsWindowEnabled
MessageBoxW
GetLastActivePopup
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
DrawTextW
SetActiveWindow
ValidateRect
FillRect
CopyRect
GetDC
ReleaseDC
GetClientRect
SetTimer
KillTimer
InvalidateRect
SetWindowPos
EnableWindow
GetWindowTextW
GetWindowThreadProcessId
GetForegroundWindow
GetWindowRect
SendMessageW
GetCursorPos
PtInRect
ReleaseCapture
PostMessageW
IsWindowVisible
LoadIconW
GetDesktopWindow
LoadMenuW
GetSubMenu
TrackPopupMenu
ClientToScreen
FindWindowW
GetLastInputInfo
OpenClipboard
GetClipboardData
CloseClipboard
GetSystemMetrics
GetWindowLongW
EqualRect
gdi32
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
GetBkColor
CreateRectRgn
ExtTextOutW
CreateFontIndirectW
PtVisible
RectVisible
Escape
CreateHatchBrush
CreatePatternBrush
ExcludeClipRect
GetClipBox
GetObjectType
IntersectClipRect
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
LPtoDP
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
CombineRgn
CreateRectRgnIndirect
SetRectRgn
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
CreateRoundRectRgn
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
CreateDIBSection
SetDIBColorTable
GetDIBColorTable
GetDeviceCaps
GetObjectW
CreateBitmap
StretchBlt
SetStretchBltMode
GetBitmapBits
CreateFontW
MoveToEx
LineTo
SetTextColor
SelectObject
SetBkMode
SetTextAlign
TextOutW
CreateSolidBrush
Rectangle
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetPixel
DeleteDC
GetTextExtentPoint32W
CreatePen
PatBlt
ScaleViewportExtEx
GetStockObject
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
EnumDependentServicesW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegGetValueW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
ControlService
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetUserNameW
shell32
SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
DragQueryFileW
ExtractAssociatedIconW
SHGetFolderPathW
ShellExecuteW
Shell_NotifyIconW
ShellExecuteExW
DragFinish
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
ord12
StrFormatKBSizeW
uxtheme
GetThemeColor
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeText
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
DrawThemeParentBackground
GetCurrentThemeName
GetWindowTheme
ole32
CoInitialize
CoUninitialize
CoInitializeEx
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleUninitialize
OleInitialize
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoFreeUnusedLibraries
oleaut32
VarUdateFromDate
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
LoadTypeLi
SafeArrayDestroy
SystemTimeToVariantTime
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantTimeToSystemTime
VarDateFromStr
SysStringLen
SysAllocStringByteLen
SysAllocString
SysFreeString
oledlg
OleUIBusyW
urlmon
URLDownloadToFileW
gdiplus
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipBitmapGetPixel
GdiplusStartup
GdipSetInterpolationMode
GdipBitmapLockBits
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
winmm
PlaySoundW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
oleacc
AccessibleObjectFromWindow
LresultFromObject
AccessibleObjectFromEvent
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 445KB - Virtual size: 445KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 167KB - Virtual size: 166KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ