D:\Projects\多开器\倩女幽魂手游桌面版多开器\Release\Client.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-23_49d0d29f68cd7a860be1e78fd656b9c1_avoslocker.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-23_49d0d29f68cd7a860be1e78fd656b9c1_avoslocker.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-23_49d0d29f68cd7a860be1e78fd656b9c1_avoslocker
Size: 9.1MB
MD5: 49d0d29f68cd7a860be1e78fd656b9c1
SHA1: 8dd581b620dff22c8bd1e847854325653e573bd6
SHA256: bc3b4d4449ea7607c4c6a068f9590303a334e3566691d95407c500ff2727a1ec
SHA512: c593acd19b4f65c5f49c09412116f321c73756680fe177f79b81e870b0a454976dc45308da819eca31dacc3d97d6292c1e0460166be40b93fbe25cf2cfbd7e1f
SSDEEP: 196608:rLno2R4+m8+VEiPGMoQolWCeLUyBgNTcazbdZOvf/:nnofHAQvxK4a3fOv
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes:
resource 2024-05-23_49d0d29f68cd7a860be1e78fd656b9c1_avoslocker
Files
-
2024-05-23_49d0d29f68cd7a860be1e78fd656b9c1_avoslocker.exe windows:6 windows x86 arch:x86
3fa8f4c84c81e2ab6d91566bed77b600
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
FindResourceExW
SearchPathW
GetProfileIntW
GetTempFileNameW
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
SetEnvironmentVariableW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
VerifyVersionInfoW
GetSystemDefaultUILanguage
LCMapStringW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetStdHandle
GetFileType
SetStdHandle
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
GetTimeZoneInformation
RtlUnwind
GetCPInfo
GetStringTypeW
OutputDebugStringW
GetTickCount64
VerSetConditionMask
GlobalFlags
GetLocaleInfoW
GetCurrentDirectoryW
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
CompareStringW
GetUserDefaultUILanguage
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
GlobalDeleteAtom
GetVersionExW
lstrcmpA
CopyFileW
FormatMessageW
GlobalSize
GetThreadLocale
lstrcmpiW
LoadLibraryA
GetModuleHandleA
OutputDebugStringA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
DeleteFileW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
LoadLibraryExW
VirtualQuery
GetCurrentThread
GetCurrentThreadId
VirtualAlloc
VirtualProtect
GetExitCodeProcess
VirtualQueryEx
IsWow64Process
CreateProcessW
ExitProcess
VirtualProtectEx
SetLastError
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
SetThreadPriority
GlobalMemoryStatusEx
WinExec
lstrlenW
GetWindowsDirectoryW
MulDiv
GetExitCodeThread
WriteFile
AssignProcessToJobObject
CreateJobObjectW
ReadProcessMemory
Module32NextW
Module32FirstW
GetProcessId
GetNativeSystemInfo
GetFileAttributesW
LocalFree
LocalAlloc
DeviceIoControl
CreateFileW
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DuplicateHandle
OpenProcess
GetModuleHandleW
GetCurrentProcess
GetSystemTimes
lstrcmpW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameW
FreeLibrary
SetEvent
CreateEventW
GetProcAddress
LoadLibraryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
Sleep
GetCurrentProcessId
CloseHandle
GetLastError
CreateMutexW
ResumeThread
CreateThread
lstrcatA
GetTempPathA
lstrcatW
GetTempPathW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
WriteConsoleW
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
GlobalFree
GetProcAddress
LocalAlloc
LocalFree
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
CopyImage
ReleaseCapture
SetCapture
WaitMessage
GetSysColorBrush
IntersectRect
WindowFromPoint
LoadMenuW
DrawStateW
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
OffsetRect
SetRectEmpty
SendDlgItemMessageA
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
RegisterWindowMessageW
CopyRect
MapVirtualKeyW
GetKeyNameTextW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetLastActivePopup
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsWindowEnabled
GetFocus
SetFocus
GetDlgCtrlID
DeleteMenu
RealChildWindowFromPoint
CharNextW
EmptyClipboard
MessageBoxW
SetForegroundWindow
SetActiveWindow
SendMessageW
CheckDlgButton
GetDlgItem
MoveWindow
ShowWindow
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
CopyAcceleratorTableW
InvalidateRgn
SetRect
IsRectEmpty
GetNextDlgGroupItem
DestroyIcon
GetAsyncKeyState
TrackMouseEvent
LoadImageW
SetLayeredWindowAttributes
EnumDisplayMonitors
IsZoomed
SetWindowRgn
NotifyWinEvent
GetSubMenu
GetMenuState
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuW
PostQuitMessage
SetWindowLongW
LoadBitmapW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetDC
ReleaseDC
wsprintfW
GetParent
IsWindowVisible
GetWindowThreadProcessId
PostMessageW
EnumWindows
SetTimer
KillTimer
UpdateWindow
InvalidateRect
GetDesktopWindow
MessageBeep
GetMessagePos
ScreenToClient
PtInRect
SetCursor
GetSysColor
IsWindow
GetWindowRect
InflateRect
LoadCursorW
CopyIcon
UnregisterClassW
CharUpperW
GetMenuStringW
SetClassLongW
SetClipboardData
SetParent
DrawEdge
DrawFrameControl
SetCursorPos
FrameRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
CharUpperBuffW
ModifyMenuW
PostThreadMessageW
GetComboBoxInfo
IsCharLowerW
MapVirtualKeyExW
GetDoubleClickTime
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
DestroyCursor
GetWindowRgn
CloseClipboard
OpenClipboard
InvertRect
HideCaret
GetIconInfo
DrawIconEx
DrawFocusRect
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW
gdi32
CreateSolidBrush
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgn
GetMapMode
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
GetTextMetricsW
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
LPtoDP
OffsetRgn
Rectangle
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
SetTextColor
SetBkColor
PatBlt
CreateRectRgnIndirect
CreateBitmap
CreateDCW
CopyMetaFileW
DeleteDC
GetTextExtentPoint32W
CreateFontIndirectW
GetStockObject
GetDeviceCaps
StretchBlt
GetObjectW
CombineRgn
SelectObject
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueW
RegQueryValueExW
RegCloseKey
RegGetValueW
RegOpenKeyExW
shell32
SHGetKnownFolderPath
ShellExecuteW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBrowseForFolderW
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
StrFormatKBSizeW
uxtheme
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
DrawThemeParentBackground
GetThemePartSize
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
GetThemeSysColor
ole32
CoInitializeEx
OleIsCurrentClipboard
DoDragDrop
OleFlushClipboard
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleInitialize
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoRevokeClassObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
OleUninitialize
CreateILockBytesOnHGlobal
oleaut32
VarBstrFromDate
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipDrawImageRectI
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
ws2_32
ioctlsocket
closesocket
htons
socket
WSACleanup
WSAStartup
recv
send
connect
select
WSAGetLastError
setsockopt
inet_addr
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
wtsapi32
WTSSendMessageW
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 362KB - Virtual size: 362KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.detourc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmps0 Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmps1 Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 153KB - Virtual size: 153KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 872KB - Virtual size: 872KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ