2024-05-16_4d04d1d0c0c0640039786584d27fcb7c_avoslocker_floxif

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-16_4d04d1d0c0c0640039786584d27fcb7c_avoslocker_floxif
Size

9.0MB
MD5

4d04d1d0c0c0640039786584d27fcb7c
SHA1

e5057298ea08f83c48054aa7ba403c2cf55b988c
SHA256

f742c6d55e93a9853a515d2d5b5fd808c0d464f3e4d0b8a92f2e918b45b699a8
SHA512

4873263f4b36d82ee1ae52bc640910e66454a1aa86b849ebf99311a6a71017f9a7e3f3b45f2670451086f4356d47f8b120752bc75ae757751a7ef0193e05718b
SSDEEP

196608:LQoOISekn86PPJwcy9ss1aS+xekn86PPJwcy9ssoklqjekn86PPJwcy9ssuY:LQPbnmcOr1kbnmcOro3bnmcOrh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-16_4d04d1d0c0c0640039786584d27fcb7c_avoslocker_floxif

Files

2024-05-16_4d04d1d0c0c0640039786584d27fcb7c_avoslocker_floxif
.exe windows:6 windows x86 arch:x86

ca3be5ad3d0e419d7c6cae9050d46b51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\devel\Ark7\bin.win32\bdzsfx.x86.pdb

Imports

kernel32

GlobalUnlock
MulDiv
GetVersion
DeleteFileW
VirtualAlloc
VirtualFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
ResetEvent
InitializeCriticalSection
lstrcatW
GetFileAttributesA
GetFileAttributesW
lstrcpyW
CreateDirectoryW
SetFileAttributesW
GetCurrentThread
FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
IsNormalizedString
NormalizeString
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateHardLinkW
RemoveDirectoryW
CreateSymbolicLinkW
GlobalMemoryStatusEx
SetEndOfFile
SetFileTime
CreateFileA
GetDriveTypeW
WriteFile
FlushFileBuffers
GetTickCount
FindClose
GetModuleFileNameW
lstrcmpiW
RaiseException
LoadLibraryExW
InitializeCriticalSectionEx
SetLastError
GetCurrentThreadId
GetUserDefaultLangID
GlobalLock
GetConsoleMode
GetConsoleCP
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetStdHandle
LCMapStringW
CompareStringW
SetFilePointerEx
GetStdHandle
ExitProcess
GetCommandLineW
GetCommandLineA
GetFileType
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
WriteConsoleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
GlobalFree
lstrlenW
WaitForSingleObject
Sleep
GetProcAddress
GetModuleHandleW
GetLastError
SetFilePointer
MultiByteToWideChar
WideCharToMultiByte
GetFileSize
CloseHandle
CreateFileW
lstrcpynW
ReadFile
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetSystemDirectoryW
FreeLibrary
DecodePointer
LoadLibraryW
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent

user32

GetDlgItem
SystemParametersInfoW
CreateWindowExW
SendMessageW
GetForegroundWindow
GetWindowRect
ScreenToClient
KillTimer
MessageBoxW
SetDlgItemTextW
GetWindow
MonitorFromWindow
MapWindowPoints
GetParent
MoveWindow
GetWindowTextW
DialogBoxParamW
UnregisterClassW
GetActiveWindow
CharNextW
RegisterWindowMessageW
SetTimer
SetWindowLongW
EndPaint
BeginPaint
ShowWindow
EndDialog
GetClientRect
DrawIcon
DrawTextW
GetSysColor
SetWindowPos
GetWindowLongW
PostMessageW
DestroyWindow
IsDialogMessageW
GetMessageW
EnableWindow
GetCapture
CreateDialogIndirectParamW
ReleaseDC
GetDC
OffsetRect
CopyRect
GetMonitorInfoW
MonitorFromRect
SetFocus
GetFocus
DispatchMessageW
TranslateMessage
PeekMessageW
LoadIconW
GetSystemMetrics
SetWindowTextW
InvalidateRect
GetWindowTextLengthW

gdi32

SetBkMode
SetTextColor
GetDeviceCaps
ExtTextOutW
SetBkColor
GetTextExtentPoint32W
GetTextMetricsW
BitBlt
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectW
GetObjectW
GetStockObject
DeleteObject

advapi32

RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
AreAllAccessesGranted
AccessCheck
OpenThreadToken
RevertToSelf
ImpersonateSelf
GetFileSecurityW

shell32

ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoCreateInstance

oleaut32

VarUI4FromStr

shlwapi

PathIsDirectoryW

Sections

.text
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca3be5ad3d0e419d7c6cae9050d46b51

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 211KB - Virtual size: 211KB

.rdata Size: 47KB - Virtual size: 47KB

.data Size: 4KB - Virtual size: 43KB

.rsrc Size: 38KB - Virtual size: 37KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 211KB - Virtual size: 211KB

.rdata
Size: 47KB - Virtual size: 47KB

.data
Size: 4KB - Virtual size: 43KB

.rsrc
Size: 38KB - Virtual size: 37KB

.reloc
Size: 11KB - Virtual size: 10KB