C:\Projects\loggersuite\browsers\ipwave\Release\ipwave.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-05_3828a107f04be98131bd21fe5fa023f6_avoslocker.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-06-05_3828a107f04be98131bd21fe5fa023f6_avoslocker.exe
Resource: win10v2004-20240426-en
General
Target: 2024-06-05_3828a107f04be98131bd21fe5fa023f6_avoslocker
Size: 2.2MB
MD5: 3828a107f04be98131bd21fe5fa023f6
SHA1: 15389ee9e9193e3ed612d7e6cca79bb74ee6ffc6
SHA256: 4f3a508851e25bae70573318ac0f97b1e7a6e64099fab9ee08d93dd304753c96
SHA512: 8727b9436c4e8dea0d175f8a06da09f38d50b0eedb571f992cfebe0e312fb4625cc6b7d8ef88bb96dba2e90e03010b690a2f64351c3b480d826a4b2a31df3452
SSDEEP: 49152:Ub9O7vI4uGNvrTQquB1BiQlYx+4GQdvNGY78iCoJ/lcnfoS/iHg3EpzPMRF:UavI4u2rTrK1sQlYxPGQdVG+8iD9cnfM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-06-05_3828a107f04be98131bd21fe5fa023f6_avoslocker
Files
2024-06-05_3828a107f04be98131bd21fe5fa023f6_avoslocker.exe windows:6 windows x86 arch:x86
6f0eaf6026e9322be52aa8f6ea1777c0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
WSACleanup
gethostbyname
ntohl
inet_ntoa
WSAStartup
gethostname
inet_addr
WSAWaitForMultipleEvents
WSASocketA
WSASend
WSARecv
WSAGetOverlappedResult
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSAConnect
WSACloseEvent
htonl
mpr
WNetEnumResourceA
WNetCloseEnum
WNetOpenEnumA
kernel32
GetConsoleMode
GetConsoleOutputCP
LCMapStringW
CompareStringW
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
ExitProcess
GetFileType
FindFirstFileExW
InitializeSListHead
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
RtlUnwind
OutputDebugStringW
SetFilePointerEx
FindNextFileW
IsValidCodePage
SetStdHandle
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
Sleep
SearchPathA
GetProfileIntA
GetTickCount
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetEnvironmentStringsW
GetWindowsDirectoryA
FindResourceExW
SetErrorMode
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
FileTimeToSystemTime
SystemTimeToFileTime
ReplaceFileA
GetTempFileNameA
SetFileTime
GetFileTime
GetFileAttributesA
GetDiskFreeSpaceA
GetStringTypeExA
GetThreadLocale
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
GetPrivateProfileIntA
lstrcmpA
GetModuleFileNameA
GetCurrentThread
SuspendThread
SetThreadPriority
GetCurrentProcessId
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
MultiByteToWideChar
CopyFileA
FormatMessageA
LocalFree
SetLastError
MulDiv
GetFileSize
GetLocalTime
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpyA
WaitForMultipleObjects
CreateEventA
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
GetProcAddress
GetModuleHandleA
CreateMutexA
ReleaseMutex
GetVersionExA
ResumeThread
TerminateThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
CloseHandle
WideCharToMultiByte
GetStartupInfoA
FindResourceW
SizeofResource
LockResource
LoadResource
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
WriteConsoleW
QueryPerformanceFrequency
user32
LoadCursorA
SetCursorPos
SetCapture
DeleteMenu
GetSystemMenu
MonitorFromPoint
SetParent
CharUpperA
ShowOwnedPopups
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageA
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsZoomed
ReuseDDElParam
UnpackDDElParam
LoadImageA
DestroyIcon
GetWindowThreadProcessId
GetDesktopWindow
InsertMenuItemA
DestroyMenu
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
ReleaseCapture
GetActiveWindow
BringWindowToTop
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
GetWindowLongA
EqualRect
MapWindowPoints
DestroyCursor
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
DrawFocusRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
SetWindowPos
DestroyWindow
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
DrawIconEx
GetIconInfo
MessageBeep
GetSysColorBrush
EnableScrollBar
HideCaret
InvertRect
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
RealChildWindowFromPoint
GetMenuItemInfoA
CopyImage
GetAsyncKeyState
MapDialogRect
GetKeyNameTextA
MapVirtualKeyA
UnionRect
KillTimer
WindowFromPoint
SetRect
TrackMouseEvent
LoadImageW
GetWindowDC
GetDC
LoadAcceleratorsW
LoadMenuW
GetDCEx
LockWindowUpdate
DrawIcon
SetWindowRgn
GetMenuDefaultItem
MessageBoxA
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
SetClassLongA
GetWindowRgn
CreateMenu
IsChild
IsIconic
SetTimer
InvalidateRect
GetWindowRect
CopyRect
OffsetRect
SendMessageA
EnableWindow
PostMessageA
GetClientRect
SetCursor
LoadCursorW
UpdateWindow
InflateRect
GetWindowPlacement
GetSystemMetrics
IntersectRect
SystemParametersInfoA
UnregisterClassA
FillRect
IsRectEmpty
PtInRect
GetSysColor
SetRectEmpty
GetParent
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
SubtractRect
TranslateMDISysAccel
GetNextDlgGroupItem
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetComboBoxInfo
UpdateLayeredWindow
FrameRect
CopyIcon
DrawFrameControl
SetForegroundWindow
DrawEdge
gdi32
GetDIBits
GetPaletteEntries
PlgBlt
SelectObject
SetDIBits
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateHalftonePalette
GetObjectA
GetTextAlign
Rectangle
Ellipse
DPtoLP
CopyMetaFileA
CreateDCA
BitBlt
CreateBitmap
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
GetDeviceCaps
MoveToEx
TextOutA
ExtTextOutA
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
CreateFontA
GetCharWidthA
StretchDIBits
GetBkColor
CreateEllipticRgn
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
DeleteObject
CreateCompatibleDC
CreateFontIndirectA
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
LPtoDP
ExtCreatePen
CreateSolidBrush
CreatePen
DeleteDC
GetClipBox
GetTextMetricsA
GetTextExtentPoint32A
RealizePalette
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegSetValueExA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyExW
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
SHAddToRecentDocs
ExtractIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
uxtheme
GetCurrentThemeName
GetThemeColor
IsAppThemed
GetThemePartSize
GetWindowTheme
OpenThemeData
DrawThemeText
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
CloseThemeData
GetThemeSysColor
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateStreamOnHGlobal
oleaut32
VariantCopy
VarBstrFromDate
SysAllocString
SysStringLen
VariantClear
LoadTypeLi
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantChangeType
wsock32
WSAGetLastError
WSASetLastError
ntohs
htons
getsockname
getpeername
closesocket
bind
gdiplus
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDrawImageI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipSaveImageToStream
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 352KB - Virtual size: 351KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 149KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ