2024-05-24_196ab861a6585c08de47d8ced4ce8b76_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-24_196ab861a6585c08de47d8ced4ce8b76_avoslocker
Size

3.5MB
MD5

196ab861a6585c08de47d8ced4ce8b76
SHA1

3e6a075310a518d71a6e0b359a6567a7282d507f
SHA256

e788bfdfe12f4f7ffe523b2381a8c5bc5726ffa0e7f92af92d6b4f88afed887b
SHA512

c584a109e6ac92ab63f488beaaf940bc61567c29d46cdbd25723fcc9ed49c0ed5c6e36407c78592de14cfb1a51575ae7bc5c5cf76d98ed9f59148e38dec67592
SSDEEP

98304:+lGrstzLeYBf6/7aXEakCXyvx4cbKme34q5uxzrcgONqtxhWwH3kF1B:+lTtzt0aCul4tcTNqtxhWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-24_196ab861a6585c08de47d8ced4ce8b76_avoslocker

Files

2024-05-24_196ab861a6585c08de47d8ced4ce8b76_avoslocker
.exe windows:6 windows x86 arch:x86

424e208330bb122937332a7d56832d90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Devon\workspace\repos\development_io\PxServerConfig\project\Win32\Release\PxServerConfig.pdb

Imports

kernel32

ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
IsValidLocale
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
GetStdHandle
GetDateFormatW
GetTimeFormatW
CompareStringW
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
DeleteFileW
MoveFileExW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
CreateFileW
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
LCMapStringW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileA
GetTempFileNameA
GetDiskFreeSpaceA
SearchPathA
GetProfileIntA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetTickCount
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
lstrcpyA
GetStringTypeExA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
DeleteFileA
GetCurrentDirectoryA
FindResourceExW
GetACP
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
WaitForSingleObject
SetEvent
CloseHandle
VirtualProtect
GetCurrentProcessId
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
LoadLibraryA
FreeLibrary
GetWindowsDirectoryA
GetModuleHandleA
Sleep
GetCurrentThreadId
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
GetModuleFileNameA
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
ExitThread
WriteConsoleW

user32

GetMenuDefaultItem
CreatePopupMenu
LoadImageW
TrackMouseEvent
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableA
ReleaseCapture
SetCapture
CharNextA
CharUpperA
KillTimer
SetTimer
DeleteMenu
GetDialogBaseUnits
OffsetRect
SetRectEmpty
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
RealChildWindowFromPoint
IntersectRect
InflateRect
GetSysColorBrush
GetSystemMetrics
MapVirtualKeyA
GetKeyNameTextA
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageA
MapDialogRect
GetAsyncKeyState
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
GetWindowLongA
RegisterClipboardFormatA
EqualRect
CopyRect
MapWindowPoints
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
ReuseDDElParam
UnregisterClassA
EnableWindow
SendMessageA
LoadIconW
SetFocus
GetDlgCtrlID
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
IsWindow
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
SetClassLongA
SetWindowRgn
SetParent
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
PtInRect
LoadCursorW
CreateWindowExA
DestroyWindow
GetDlgItem
DestroyIcon
LoadImageA
InvalidateRect
MessageBeep
SetCursor
LoadCursorA
CopyIcon
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
UnpackDDElParam
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
LoadBitmapW
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendNotifyMessageA
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
DestroyCursor
GetDCEx
GetTabbedTextExtentA
GetTabbedTextExtentW
GetMenuBarInfo
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
PostThreadMessageA
DrawIcon
FrameRect
SetCursorPos
BringWindowToTop

gdi32

GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetViewportExtEx
EnumFontFamiliesExA
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
GetCurrentObject
CreateFontA
GetCharWidthA
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetObjectA
GetStockObject
GetTextMetricsA
CreateBitmap
CreateFontIndirectA

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
GetJobA
OpenPrinterA
DocumentPropertiesA

advapi32

GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegSetValueA
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

DragQueryFileA
SHBrowseForFolderA
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragFinish
SHGetFileInfoA
ExtractIconA
SHAddToRecentDocs
ShellExecuteA
ShellExecuteExA
SHGetPathFromIDListA
SHAppBarMessage

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA
PathRemoveFileSpecW

uxtheme

GetThemePartSize
DrawThemeText
DrawThemeParentBackground
GetThemeSysColor
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent

ole32

CoRegisterClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
CoRevokeClassObject
StgIsStorageFile
CreateFileMoniker
OleIsRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
StgOpenStorage
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
OleCreateFromData
OleCreateLinkFromData
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleSetClipboard
OleDuplicateData

oleaut32

VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SysAllocString
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
OleCreateFontIndirect
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SafeArrayGetDim
SafeArrayCreate

oledlg

ord8

gdiplus

GdipCreateFromHDC
GdipDrawImageRectI
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromFile

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundA

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 587KB - Virtual size: 587KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

424e208330bb122937332a7d56832d90

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 587KB - Virtual size: 587KB

.data Size: 36KB - Virtual size: 55KB

.rsrc Size: 147KB - Virtual size: 147KB

.reloc Size: 213KB - Virtual size: 212KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 587KB - Virtual size: 587KB

.data
Size: 36KB - Virtual size: 55KB

.rsrc
Size: 147KB - Virtual size: 147KB

.reloc
Size: 213KB - Virtual size: 212KB