General
-
Target
2024-05-23_9c842ef6c5217bde06529d6bbd663309_avoslocker
-
Size
2.0MB
-
Sample
240523-g9sdgagd33
-
MD5
9c842ef6c5217bde06529d6bbd663309
-
SHA1
ff48da177aab336f12e44f5f0173475708e5ccea
-
SHA256
93c1fa195040b1a6ab0d4fdefc2d9a57c38ad1f014a8b185096a57e4bb7b03c8
-
SHA512
1dcffa2a61639c39ea17634d6d163e6727a1e655e31f0210d7f3566e4731d28d1b950e1d7f3a059b8cafac4a2bfdc8824a73b4cfcdb424faa8cfef0ae560fbcb
-
SSDEEP
49152:d9kZUyP3pgXWFVeVpPsRRE7P7S3gzzNG4QjJOL:dcPFVeVpU7KxG4k6
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-23_9c842ef6c5217bde06529d6bbd663309_avoslocker.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
2024-05-23_9c842ef6c5217bde06529d6bbd663309_avoslocker
-
Size
2.0MB
-
MD5
9c842ef6c5217bde06529d6bbd663309
-
SHA1
ff48da177aab336f12e44f5f0173475708e5ccea
-
SHA256
93c1fa195040b1a6ab0d4fdefc2d9a57c38ad1f014a8b185096a57e4bb7b03c8
-
SHA512
1dcffa2a61639c39ea17634d6d163e6727a1e655e31f0210d7f3566e4731d28d1b950e1d7f3a059b8cafac4a2bfdc8824a73b4cfcdb424faa8cfef0ae560fbcb
-
SSDEEP
49152:d9kZUyP3pgXWFVeVpPsRRE7P7S3gzzNG4QjJOL:dcPFVeVpU7KxG4k6
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-