PDB path: C:\Projects\loggersuite\ddsexplorer\Release\DdsExplorer.pdb

Static task: static1

Behavioral task: behavioral1
Sample: 2024-06-05_b059469f477c23e413d1b0fc22a53ccd_avoslocker.exe
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: 2024-06-05_b059469f477c23e413d1b0fc22a53ccd_avoslocker.exe
Resource: win10v2004-20240508-en
General

Target: 2024-06-05_b059469f477c23e413d1b0fc22a53ccd_avoslocker
Size: 6.2MB
MD5: b059469f477c23e413d1b0fc22a53ccd
SHA1: a586701a8d9e129f03aee74d97a07c1eb2bf6790
SHA256: 17551d94c375ba6477526eadf40fedfa3394b3c84e6835547d07f96c671cb6f7
SHA512: 6d55ec15622b71fd6225d7b6753f8631c29a20dca77f5bba5474a0ba860541e192c2ea74e62a4838411eb139db14314a0bffe0e72770c08085cfa11c1978f208
SSDEEP: 196608:DBhfechrfus6l0jkRFkq9s7wpbOMdADSjJjSBvFLOyomFHKnPJkN:NPuHvs7wVOMdADAjSBvFN
Malware Config

Signatures

Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2024-06-05_b059469f477c23e413d1b0fc22a53ccd_avoslocker

Files

2024-06-05_b059469f477c23e413d1b0fc22a53ccd_avoslocker.exe windows:6 windows x86 arch:x86
704addec2202f57e4b5a5aacfd03433b
Headers

DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths: C:\Projects\loggersuite\ddsexplorer\Release\DdsExplorer.pdb
Imports
kernel32
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
GetFileAttributesExW
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
OutputDebugStringW
SetFilePointerEx
SetFileAttributesW
GetStringTypeW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindFirstFileExW
FindResourceExW
GetProfileIntA
SearchPathA
GetWindowsDirectoryA
SetErrorMode
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
GetACP
VerifyVersionInfoA
VerSetConditionMask
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
SuspendThread
SetThreadPriority
lstrcmpiA
GetVolumeInformationA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVersionExA
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
EncodePointer
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcessId
FindResourceA
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
SetLastError
FormatMessageA
LocalFree
GetFileSize
GetLocalTime
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalAlloc
RemoveDirectoryA
GetFileInformationByHandle
FindNextFileA
FindFirstFileA
FindClose
CreateFileA
SetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpyA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
MultiByteToWideChar
GetCurrentDirectoryA
GetTempFileNameA
GetTempPathA
ReleaseMutex
MulDiv
CreateMutexA
DeleteFileA
Sleep
WideCharToMultiByte
GetTickCount
GetLastError
CreateDirectoryA
CloseHandle
TerminateThread
ResumeThread
GetCurrentProcess
DuplicateHandle
ResetEvent
SetEvent
WaitForSingleObject
CreateEventA
CopyFileA
FindResourceW
LoadResource
LockResource
SizeofResource
QueryPerformanceFrequency
user32
GetSysColorBrush
SetWindowRgn
DrawEdge
PostQuitMessage
GetIconInfo
CopyImage
LoadImageA
DestroyIcon
LoadCursorW
LoadCursorA
WindowFromPoint
SetCursor
ReleaseCapture
SetCapture
WaitMessage
IsZoomed
TranslateMessage
GetMessageA
CharUpperA
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
MapVirtualKeyA
GetKeyNameTextA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongA
EqualRect
MapWindowPoints
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExA
GetClassInfoExA
DrawFocusRect
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
IsDialogMessageA
GetWindow
SetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SetFocus
GetDlgCtrlID
SetRect
CheckDlgButton
SetDlgItemTextA
SetWindowPos
MoveWindow
ShowWindow
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetCursorPos
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
IsWindow
EnableWindow
SendMessageA
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxA
GetDesktopWindow
GetWindowLongA
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
DrawIconEx
ShowOwnedPopups
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
TrackMouseEvent
GetAsyncKeyState
KillTimer
LoadMenuW
DeleteMenu
MessageBeep
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
CreateDialogIndirectParamA
DestroyWindow
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
MapDialogRect
LoadImageW
IsClipboardFormatAvailable
GetClassInfoA
SetTimer
GetSystemMenu
EnableMenuItem
SetClassLongA
LoadIconA
LoadBitmapW
CopyRect
PostMessageA
LoadIconW
AppendMenuA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
InvalidateRect
UpdateWindow
GetFocus
FillRect
GetWindowRect
OffsetRect
MonitorFromRect
GetMonitorInfoA
AdjustWindowRectEx
IsMenu
DrawFrameControl
PtInRect
UnregisterClassA
IntersectRect
IsRectEmpty
InflateRect
GetSysColor
SetRectEmpty
GetParent
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
RemoveMenu
DrawStateA
GetClassNameA
UnpackDDElParam
ReuseDDElParam
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SetParent
SetCursorPos
LockWindowUpdate
GetDoubleClickTime
CopyIcon
ModifyMenuA
DestroyAcceleratorTable
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
SubtractRect
InvertRect
HideCaret
GetNextDlgGroupItem
PostThreadMessageA
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
CopyAcceleratorTableA
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
GetUpdateRect
SendDlgItemMessageA
gdi32
GetDIBits
GetPaletteEntries
PlgBlt
RealizePalette
SelectObject
SetDIBits
CreateDIBSection
SetDIBColorTable
CreateHalftonePalette
GetTextAlign
Rectangle
Ellipse
DPtoLP
CopyMetaFileA
CreateDCA
BitBlt
CreateBitmap
CreateHatchBrush
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
GetTextMetricsA
MoveToEx
TextOutA
ExtTextOutA
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
CreateEllipticRgn
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CreateRoundRectRgn
SetPixel
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
LPtoDP
ExtCreatePen
CreateSolidBrush
CreatePen
GetTextExtentPoint32A
DeleteDC
CreateFontIndirectA
GetDeviceCaps
GetStockObject
StretchBlt
GetObjectA
CreateCompatibleDC
SetWindowOrgEx
DeleteObject
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegDeleteValueA
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
ShellExecuteA
SHGetKnownFolderPath
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHBindToParent
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileA
ShellExecuteExA
comctl32
ImageList_AddMasked
shlwapi
PathFindFileNameA
StrRetToBufA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindExtensionA
uxtheme
DrawThemeBackground
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
GetThemeSysColor
GetWindowTheme
IsAppThemed
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CLSIDFromProgID
CLSIDFromString
OleRun
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
CoInitializeEx
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadTypeLi
SysStringLen
VariantChangeType
VariantCopy
VarBstrFromDate
VariantInit
SysAllocStringLen
SysAllocString
VariantClear
GetErrorInfo
SysAllocStringByteLen
SysFreeString
urlmon
URLDownloadToCacheFileA
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageI
GdipDeleteGraphics
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipSaveImageToStream
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
ws2_32
inet_ntoa
WSAStartup
WSACleanup
sendto
WSAGetLastError
recvfrom
__WSAFDIsSet
select
closesocket
ioctlsocket
bind
htons
setsockopt
socket
gethostbyname
gethostname
inet_addr
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections

.text   Size: 1.7MB - Virtual size: 1.7MB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 354KB - Virtual size: 354KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 24KB - Virtual size: 40KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 4.0MB - Virtual size: 4.0MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 148KB - Virtual size: 148KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ