2024-05-25_83d6165d7b753c2fbb1c0caea1f0f1f9_avoslocker_magniber

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-25_83d6165d7b753c2fbb1c0caea1f0f1f9_avoslocker_magniber
Size

25.8MB
MD5

83d6165d7b753c2fbb1c0caea1f0f1f9
SHA1

938320a971f37f0cfaea5f2068bfbf37cd761907
SHA256

e51699c1672e0ee58d06abafb43525936671ca2f0922fe24a5b5ae9ceeab1ccf
SHA512

8bed1d779d9117e0c62eabe735266364ad023392d6f93332650a31e65f1fe31d4570e297679abf3082c8116ad534b08900133e87f2e2699a53f84b9e96bec429
SSDEEP

393216:XuYwWpV9EPQ7cIg5n7Q7GZWzIw6nNYJnxOzwlAcyjd2upDMUcJ/jcbmF:+YDp3EPRTIIwyYJnxOuKj9pw5j2

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-25_83d6165d7b753c2fbb1c0caea1f0f1f9_avoslocker_magniber

Files

2024-05-25_83d6165d7b753c2fbb1c0caea1f0f1f9_avoslocker_magniber
.exe windows:6 windows x86 arch:x86

04db0ab44f13c268c4f4096dd6316694

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ResetEvent
CreateThread
SetEvent
CreateEventW
SetThreadPriority
VirtualQuery
CopyFileW
GetModuleHandleW
CreateProcessW
GetCurrentProcessId
GetCurrentDirectoryW
GetSystemInfo
GlobalFlags
GetFileAttributesExW
GetVersionExW
GetFileAttributesW
WaitForSingleObject
FindClose
GetModuleFileNameW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
RemoveDirectoryW
TerminateProcess
FindNextFileW
GetCommandLineW
SetLastError
FindFirstFileW
ReadFile
CreateDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
GetUserDefaultLCID
ExitProcess
FindResourceW
LoadResource
LockResource
FreeResource
GetCurrentThreadId
SizeofResource
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
IsDebuggerPresent
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
DeleteFileW
SetFileAttributesW
Sleep
TryEnterCriticalSection
InitializeCriticalSection
SetPriorityClass
GetPriorityClass
OpenProcess
GetCurrentProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CloseHandle
CreateFileW
GetProcessHeap
DeleteCriticalSection
DecodePointer
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualAlloc
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetModuleHandleExW
GetCommandLineA
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
OutputDebugStringW
GetStartupInfoW
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetTempFileNameW
SetErrorMode
GetFileTime
GetFileSizeEx
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
LeaveCriticalSection
SystemTimeToTzSpecificLocalTime
GetProfileIntW
SearchPathW
FindResourceExW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameW
FlushFileBuffers
GetFileSize
VerifyVersionInfoW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
lstrcpyW
GetThreadLocale
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
CompareStringA
lstrcmpA
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
EncodePointer
LoadLibraryA
GetModuleHandleA
OutputDebugStringA
FormatMessageW
LocalFree
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree

user32

UnregisterClassW
SendMessageW
EnableWindow
InvalidateRect
WinHelpW
LoadCursorW
GetCursorPos
SetCursorPos
GetFocus
MessageBoxW
IsWindow
SetFocus
GetKeyState
SetCursor
GetWindow
ShowWindow
AdjustWindowRectEx
PeekMessageW
DestroyIcon
IsZoomed
SetRect
GetSystemMenu
CallWindowProcW
FindWindowExW
SetWindowPos
SetWindowRgn
FillRect
ScreenToClient
MessageBeep
WindowFromPoint
GetMenuStringW
GetMenuState
GetMenuItemID
RemoveMenu
RegisterWindowMessageW
DispatchMessageW
GetMessagePos
GetMessageTime
GetClassInfoExW
IsMenu
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetForegroundWindow
BeginPaint
EndPaint
ValidateRect
ScrollWindow
ShowScrollBar
GetWindowTextW
GetWindowTextLengthW
MapWindowPoints
EqualRect
GetClassLongW
GetLastActivePopup
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
CheckDlgButton
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
CreateDialogIndirectParamW
EndDialog
SystemParametersInfoW
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetMessageW
TranslateMessage
ShowOwnedPopups
CharNextW
DrawFocusRect
NotifyWinEvent
SendDlgItemMessageA
SetRectEmpty
GetMenuItemInfoW
InflateRect
MonitorFromPoint
GetSysColorBrush
RealChildWindowFromPoint
GetAsyncKeyState
BringWindowToTop
LoadAcceleratorsW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
TrackMouseEvent
CharUpperW
PostThreadMessageW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CopyAcceleratorTableW
EnumChildWindows
LockWindowUpdate
SetClassLongW
InvalidateRgn
GetNextDlgGroupItem
DrawEdge
DrawFrameControl
DrawIconEx
UnionRect
GetIconInfo
GetMenuDefaultItem
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
ReleaseDC
HideCaret
InvertRect
GetDoubleClickTime
DestroyCursor
GetComboBoxInfo
GetWindowRgn
GetScrollPos
DrawIcon
OffsetRect
RedrawWindow
GetScrollRange
CopyRect
GetDlgCtrlID
ClientToScreen
IsChild
GetTopWindow
IsWindowEnabled
SetMenu
LoadBitmapW
IntersectRect
GetClassNameW
SetParent
SetScrollRange
SetWindowLongW
KillTimer
SetScrollPos
UpdateWindow
IsIconic
GetNextDlgTabItem
IsWindowVisible
GetCapture
GetSysColor
IsRectEmpty
SetCapture
PtInRect
ReleaseCapture
wsprintfW
ModifyMenuW
GetMenu
GetMenuItemCount
DeleteMenu
CreatePopupMenu
TrackPopupMenu
GetSubMenu
DestroyAcceleratorTable
CreateAcceleratorTableW
DestroyMenu
TranslateAcceleratorW
InsertMenuW
CheckMenuItem
AppendMenuW
EnableMenuItem
CreateMenu
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
WaitForInputIdle
OpenClipboard
GetMonitorInfoW
CloseClipboard
EmptyClipboard
MoveWindow
SetClipboardData
SetForegroundWindow
CopyImage
GetWindowLongW
DefWindowProcW
PostMessageW
DestroyWindow
GetPropW
CreateWindowExW
RemovePropW
LoadStringW
GetActiveWindow
GetClassInfoW
SetTimer
RegisterClassW
SetPropW
LoadIconW
GetDesktopWindow
GetParent
LoadImageW
GetWindowRect
GetDC
GetSystemMetrics
GetWindowDC
GetClientRect
GetUpdateRect

gdi32

CreateHatchBrush
GetWindowOrgEx
CreatePatternBrush
GetPixel
CreateRectRgn
CreateBitmap
CombineRgn
GetViewportOrgEx
CreateRoundRectRgn
GetTextMetricsW
CreatePen
Rectangle
Ellipse
CreateSolidBrush
CreateEllipticRgn
RoundRect
PatBlt
GetCurrentObject
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
SetPixel
StretchBlt
RealizePalette
GetStockObject
GetDIBits
GetDeviceCaps
GetSystemPaletteEntries
GetWindowExtEx
CreatePalette
GetObjectW
SetStretchBltMode
CreateFontIndirectW
DeleteObject
DeleteDC
CopyMetaFileW
CreateDCW
SetBkColor
SetTextColor
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
SelectPalette
GdiAlphaBlend
SetPixelV
GetTextFaceW
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
LPtoDP
GetPaletteEntries
GetNearestPaletteIndex
EnumFontFamiliesExW
Polyline
Polygon
CreatePolygonRgn
OffsetRgn
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
DPtoLP
SetRectRgn
GetMapMode
GetTextColor
GetBkColor
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx

advapi32

RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW

shell32

Shell_NotifyIconW
SHBrowseForFolderW
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
SHAppBarMessage
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder

ole32

CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
DoDragDrop
OleGetClipboard
CoInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoCreateGuid
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoDisconnectObject
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning

oleaut32

VarBstrFromDate
SafeArrayDestroy
SysStringLen
SysAllocStringLen
VariantCopy
SysAllocString
OleCreateFontIndirect
SysFreeString
LoadTypeLi
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantClear

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
InitCommonControlsEx

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW

ws2_32

WSACleanup

msimg32

TransparentBlt
AlphaBlend

uxtheme

GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
IsAppThemed
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
DrawThemeText
GetWindowTheme

oledlg

OleUIBusyW

gdiplus

GdipDrawImageI
GdiplusStartup
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipCloneImage
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipSetCompositingMode
GdipGetImageWidth
GdipCreateBitmapFromFile
GdiplusShutdown

ntdll

VerSetConditionMask

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 447KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23.2MB - Virtual size: 23.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04db0ab44f13c268c4f4096dd6316694

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

ws2_32

msimg32

uxtheme

oledlg

gdiplus

ntdll

oleacc

imm32

winmm

winspool.drv

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 447KB - Virtual size: 447KB

.data Size: 28KB - Virtual size: 47KB

.rsrc Size: 23.2MB - Virtual size: 23.2MB

.reloc Size: 176KB - Virtual size: 176KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 447KB - Virtual size: 447KB

.data
Size: 28KB - Virtual size: 47KB

.rsrc
Size: 23.2MB - Virtual size: 23.2MB

.reloc
Size: 176KB - Virtual size: 176KB