2024-05-22_33ce0a6ed56fd0c6f9194ad90d72bfec_avoslocker

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-22_33ce0a6ed56fd0c6f9194ad90d72bfec_avoslocker
Size

1.4MB
MD5

33ce0a6ed56fd0c6f9194ad90d72bfec
SHA1

d7f3e5a54d17c0c399455a8a214139006aee2c1a
SHA256

97f944433dc7e630b59d69dfa20ec95a99e74c680a60692814e0aada7af2d86d
SHA512

55694cc416a4ec4d547ed16202330d025d6d9899de284e0fedeca2816dc3a2c0624c8010d2d55f76b255882a3644615fff642398bbd6781aecb9fb5a138d8f28
SSDEEP

24576:gc9+tEZK31m7Z5AYZCHq7roPGSS+RlHUbm58KB:gMoYZCHoSS+RJUbY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2024-05-22_33ce0a6ed56fd0c6f9194ad90d72bfec_avoslocker

Files

2024-05-22_33ce0a6ed56fd0c6f9194ad90d72bfec_avoslocker
.exe windows:6 windows x86 arch:x86

b4ad1f715005efa869b715e149d31fe8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Strultz\Desktop\orgmaker-3\source\Release\OrgMaker.pdb

Imports

dsound

ord1

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeKillEvent
timeSetEvent
timeGetTime
PlaySoundA

kernel32

LockResource
FindResourceA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalMemoryStatus
lstrcpyA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateDirectoryA
SetUnhandledExceptionFilter
GetLocalTime
GetModuleFileNameA
lstrcmpiA
lstrcatA
lstrlenA
SetConsoleCtrlHandler
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
HeapReAlloc
LoadResource
DecodePointer
GetFileType
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
CloseHandle
HeapAlloc
HeapFree
GetCurrentThread
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
EncodePointer
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RaiseException
InterlockedFlushSList
InterlockedPushEntrySList
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
WriteConsoleW
GetModuleHandleA
GetFileAttributesA
FindNextFileA
FindFirstFileA
FindClose
OutputDebugStringW
SetStdHandle
GetStringTypeW
FlushFileBuffers
CreateFileW
ReadFile
SetEndOfFile
HeapSize
ReadConsoleW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

user32

LoadIconA
LoadCursorA
GetWindowRect
SetWindowTextA
SetForegroundWindow
UpdateWindow
TranslateAcceleratorA
DestroyAcceleratorTable
LoadAcceleratorsA
CreateDialogParamA
GetWindowPlacement
DestroyWindow
CreateWindowExA
RegisterClassExA
PostQuitMessage
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
SetScrollInfo
ModifyMenuA
CheckMenuItem
DrawMenuBar
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
LoadStringA
IsDialogMessageA
ScreenToClient
GetCursorPos
LoadImageA
DestroyCursor
SetClassLongA
FillRect
ReleaseDC
GetDC
GetSystemMetrics
EndPaint
BeginPaint
DialogBoxParamA
IsDlgButtonChecked
CheckDlgButton
SetWindowPos
PostMessageA
GetSubMenu
EnableMenuItem
GetMenu
GetDlgItem
ReleaseCapture
SetFocus
ShowWindow
SendMessageA
EnableWindow
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
SetDlgItemInt
EndDialog
RedrawWindow
GetKeyState
wsprintfA
MessageBoxA

gdi32

TextOutA
GetStockObject
SelectObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
CreateFontA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

ShellExecuteA
DragAcceptFiles
DragQueryFileA

Sections

.text
Size: 440KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 32.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 859KB - Virtual size: 858KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4ad1f715005efa869b715e149d31fe8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dsound

winmm

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 440KB - Virtual size: 440KB

.rdata Size: 67KB - Virtual size: 67KB

.data Size: 7KB - Virtual size: 32.0MB

.rsrc Size: 859KB - Virtual size: 858KB

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 440KB - Virtual size: 440KB

.rdata
Size: 67KB - Virtual size: 67KB

.data
Size: 7KB - Virtual size: 32.0MB

.rsrc
Size: 859KB - Virtual size: 858KB

.reloc
Size: 19KB - Virtual size: 19KB