PDB Paths
D:\Development\IDX 15\IDRSI - 15.9 -\Release\IDRSI.pdb (build-time debug-symbol path left in the image; the project name IDRSI 15.9 and the build directory are a useful pivot for finding related builds)
Tasks
Static task: static1
Behavioral task: behavioral1, resource win7-20240508-en
Behavioral task: behavioral2, resource win10v2004-20240426-en
Sample (both behavioral tasks): 2024-06-06_cb9fe3c230190b6da8a9dbe98d0e46dc_avoslocker.exe
General
Target: 2024-06-06_cb9fe3c230190b6da8a9dbe98d0e46dc_avoslocker
Size: 5.9MB
MD5: cb9fe3c230190b6da8a9dbe98d0e46dc
SHA1: 22c106681a3322760cd5e60c5d33b9c2a69d8bd4
SHA256: 46ff068deb748bf485b8d555ace8d5427087e9bab841d5b982116110b1fdeaf2
SHA512: 00f584ea5f4769b75c26816cfec6119d2c5978433231eda0c9f14fa6e213405605f702491c7bb830983eb1f6cdeca97ac1f94258c16754306a866570e36aa1b9
SSDEEP: 98304:ENOGkPs6sl5LcMl08EtT5auvTpHMSVJJRgXySrt/12+BBxfOl8mGVXyoYanUI:Elkk5LcMlSTzWtdZfOwVXyoYanD
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature: the PE has no embedded Authenticode signature (its security data directory is empty). This is the only signature that fired for this sample; the "avoslocker" label appears only in the submitted file name and is not a signature hit. On its own an absent signature is a weak indicator, since plenty of legitimate software ships unsigned, and a file-only check also cannot see catalog signatures. What it does mean is that the publisher cannot be verified from the file itself.
resource 2024-06-06_cb9fe3c230190b6da8a9dbe98d0e46dc_avoslocker
Files
-
2024-06-06_cb9fe3c230190b6da8a9dbe98d0e46dc_avoslocker.exe windows:6 windows x86 arch:x86
Import hash (imphash, as given in this report's Files table): 336158e247d7f844315472ab8f576626
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in; the .reloc section listed under Sections means the image can actually be relocated, though as a 32-bit image its base randomisation is limited to 8 bits)
IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP/NX opt-in)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
Not set: IMAGE_DLLCHARACTERISTICS_GUARD_CF (no Control Flow Guard)
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
Reading the list below: the bulk of it (user32, gdi32, ole32, oleaut32, oledlg, uxtheme, oleacc, winspool.drv, the DDE and MDI helpers) is the footprint of a statically linked MFC GUI application. The imports worth pulling out for triage are: wininet (FTP upload and download, HTTP and Gopher), ws2_32/wsock32 sockets and iphlpapi adapter enumeration; advapi32 registry writes (RegCreateKeyExA, RegSetValueExA, RegDeleteKeyA), GetFileSecurityA/SetFileSecurityA, and the OpenProcessToken/LookupPrivilegeValueA/AdjustTokenPrivileges sequence next to InitiateSystemShutdownA and ExitWindowsEx (the usual way to obtain SeShutdownPrivilege); process launch via CreateProcessA/W, WinExec and ShellExecuteA/ExA; and IsDebuggerPresent, which is a standard CRT import and not by itself an anti-debugging sign. No cryptographic API (advapi32 Crypt*, bcrypt, crypt32) is imported, so any encryption this binary performs is either statically linked or absent; the static report cannot tell which.
iphlpapi
GetAdaptersInfo
GetIfTable
wsock32
gethostbyaddr
WSASetLastError
ntohs
inet_ntoa
setsockopt
shutdown
htons
ioctlsocket
inet_addr
gethostbyname
gethostname
WSAGetLastError
kernel32
lstrcpyA
FindResourceExW
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetProfileIntA
GetTempFileNameA
ReplaceFileA
GetUserDefaultLCID
LocalLock
LocalUnlock
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
DeleteFileW
MoveFileExW
CreatePipe
GetFileAttributesExW
GetExitCodeProcess
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetCPInfo
GetSystemDefaultUILanguage
GetDateFormatW
GetConsoleCP
GetStdHandle
SetStdHandle
HeapQueryInformation
GetCommandLineW
GetFullPathNameW
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
CreateProcessW
GetModuleHandleExW
ExitProcess
GetConsoleOutputCP
GetFileType
CreateFileW
ReadConsoleW
GetConsoleMode
SetFilePointerEx
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
InitializeCriticalSectionEx
OutputDebugStringW
GetACP
GetOEMCP
VirtualProtect
CompareStringW
GetLocaleInfoW
GlobalFlags
GetAtomNameA
GlobalHandle
GlobalReAlloc
TlsFree
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
GetUserDefaultUILanguage
SetEvent
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetStringTypeExA
GetThreadLocale
MoveFileA
lstrcmpiA
LoadLibraryW
LoadLibraryExA
GetModuleHandleW
GetModuleFileNameW
DuplicateHandle
OutputDebugStringA
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
GlobalFree
GlobalSize
SetLastError
CreateSemaphoreA
ReleaseSemaphore
OpenSemaphoreA
Sleep
SearchPathA
LocalReAlloc
GetFileSize
GetEnvironmentVariableA
GetCurrentProcessId
ReadFile
SetErrorMode
WriteFile
SystemTimeToFileTime
TlsAlloc
TlsGetValue
TlsSetValue
LocalAlloc
DeviceIoControl
GetVersion
FindResourceA
GlobalLock
GlobalUnlock
GlobalAlloc
TerminateThread
MoveFileExA
LoadLibraryA
FreeLibrary
GetTimeZoneInformation
CopyFileA
OpenFileMappingA
UnmapViewOfFile
GetSystemWindowsDirectoryA
GetSystemTime
ReleaseMutex
GetDiskFreeSpaceA
CompareFileTime
CreateFileMappingA
MapViewOfFile
GetVersionExA
RemoveDirectoryA
GetUserDefaultLangID
MultiByteToWideChar
LocalFree
GetProcAddress
GetModuleHandleA
GetTickCount
CreateProcessA
GetCurrentProcess
CreateMutexA
WaitForSingleObject
GetFileTime
GetFileAttributesW
GetFileAttributesA
CreateDirectoryW
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
QueryPerformanceFrequency
QueryPerformanceCounter
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetShortPathNameA
GetModuleFileNameA
CloseHandle
GetVolumeInformationA
GetLongPathNameA
GetFileInformationByHandle
CreateFileA
GetCurrentDirectoryA
GetCommandLineA
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateDirectoryA
FormatMessageA
MulDiv
WinExec
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
GetCurrentDirectoryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
RemoveDirectoryW
GetDriveTypeW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
SetConsoleMode
GetNumberOfConsoleInputEvents
ReadConsoleInputW
PeekConsoleInputA
WriteConsoleW
SetCurrentDirectoryW
GetTimeFormatW
user32
TranslateAcceleratorA
LoadAcceleratorsA
WaitMessage
MapVirtualKeyA
GetKeyNameTextA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
GetWindowThreadProcessId
GetActiveWindow
GetMessageA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
ScrollWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExA
LoadMenuA
GetClassInfoA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetDialogBaseUnits
IntersectRect
InflateRect
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
CharUpperA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
DeleteMenu
CharNextA
SetCapture
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnionRect
GetMenuState
GetMenuStringA
GetCursorPos
SetMenuDefaultItem
TrackPopupMenu
GetSubMenu
LoadMenuW
LoadCursorW
LoadBitmapW
MessageBoxExA
PostThreadMessageA
FillRect
GetMonitorInfoA
MonitorFromPoint
LoadIconA
GetDesktopWindow
CopyRect
SetRect
DestroyMenu
SetWindowLongA
GetWindowLongA
GetSystemMenu
SetParent
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
EmptyClipboard
CreatePopupMenu
InsertMenuItemA
DestroyIcon
LoadImageA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetMenuItemInfoA
SystemParametersInfoA
GetSysColorBrush
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
TrackMouseEvent
GetClassInfoExA
LoadImageW
CloseClipboard
SetClipboardData
GetTabbedTextExtentW
GetTabbedTextExtentA
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageA
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
ModifyMenuA
GetDoubleClickTime
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
UnregisterClassA
BroadcastSystemMessageA
PostMessageA
BringWindowToTop
ReleaseCapture
SetTimer
KillTimer
EnableWindow
SetForegroundWindow
InvalidateRect
RedrawWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
GetClientRect
SetCursor
GetSysColor
SetRectEmpty
IsRectEmpty
PtInRect
FindWindowA
LoadCursorA
SendMessageA
GetWindowRect
GetParent
IsWindow
GetDC
ReleaseDC
MessageBoxA
TranslateMessage
DispatchMessageA
PeekMessageA
GetSystemMetrics
DrawIcon
LoadIconW
ExitWindowsEx
RegisterWindowMessageA
DrawEdge
DefWindowProcA
GetKeyboardLayout
GetComboBoxInfo
IsIconic
UpdateWindow
FindWindowExA
GetLastActivePopup
UpdateLayeredWindow
LockWindowUpdate
GetDCEx
RegisterClipboardFormatA
FrameRect
CopyIcon
SetCursorPos
IsZoomed
DrawFrameControl
SetWindowRgn
SetClassLongA
DrawStateA
GetFocus
gdi32
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
ExcludeClipRect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
GetCharWidthA
StretchDIBits
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
Escape
DeleteObject
DeleteDC
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateBitmap
CreateDCA
CopyMetaFileA
CreateSolidBrush
GetObjectA
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPoint32A
CreateFontA
CreateCompatibleDC
CreateCompatibleBitmap
GetMapMode
GetViewportExtEx
BitBlt
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetJobA
advapi32
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExW
RegOpenKeyExA
RegSetValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
RegCloseKey
InitiateSystemShutdownA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
shell32
SHGetFileInfoA
Shell_NotifyIconA
SHAppBarMessage
ShellExecuteA
ShellExecuteExA
DragQueryFileA
SHAddToRecentDocs
ExtractIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHFileOperationW
DragFinish
SHBrowseForFolderA
shlwapi
StrFormatKBSizeA
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathUnquoteSpacesA
PathRemoveArgsA
PathRelativePathToA
PathGetArgsA
PathFileExistsA
PathCanonicalizeA
PathRemoveFileSpecW
uxtheme
GetWindowTheme
GetThemeSysColor
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsAppThemed
ole32
CoUninitialize
PropVariantCopy
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
CreateItemMoniker
CreateGenericComposite
GetHGlobalFromILockBytes
WriteClassStm
OleRegEnumVerbs
OleRegGetMiscStatus
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoTreatAsClass
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CoInitializeEx
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
oleaut32
VariantInit
SysAllocStringByteLen
SysStringByteLen
OleLoadPicture
VarUdateFromDate
VariantClear
VariantChangeType
VariantTimeToSystemTime
LoadTypeLib
LoadRegTypeLib
RegisterTypeLib
SysStringLen
SysReAllocStringLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SystemTimeToVariantTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
SysFreeString
VarCyFromStr
VarBstrFromCy
SafeArrayCreate
SysAllocString
OleCreateFontIndirect
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
SysAllocStringLen
oledlg
ord8
ws2_32
htonl
getsockname
getpeername
recv
closesocket
bind
accept
WSAAsyncSelect
WSACleanup
WSAStartup
recvfrom
send
sendto
connect
select
socket
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
wininet
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpOpenFileA
FtpRenameFileA
FtpDeleteFileA
FtpPutFileA
FtpGetFileA
FtpFindFirstFileA
InternetSetStatusCallback
FtpCommandA
GopherCreateLocatorA
GopherFindFirstFileA
InternetReadFile
InternetSetFilePointer
GopherOpenFileA
GopherGetAttributeA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
HttpSendRequestExA
HttpEndRequestA
HttpQueryInfoA
InternetWriteFile
InternetOpenUrlA
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetSetCookieA
InternetSetOptionA
InternetQueryOptionA
InternetCrackUrlA
InternetCheckConnectionA
InternetGetConnectedState
FtpGetCurrentDirectoryA
InternetGetCookieA
InternetErrorDlg
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetFindNextFileA
gdiplus
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImagePalette
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImagePaletteSize
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundA
Sections
Name    Raw size  Virtual size  Flags (IMAGE_SCN_*)
.text   4.0MB     4.0MB         CNT_CODE | MEM_EXECUTE | MEM_READ
CONST   512B      48B           CNT_CODE | MEM_EXECUTE | MEM_READ
.rdata  713KB     712KB         CNT_INITIALIZED_DATA | MEM_READ
.data   117KB     660KB         CNT_INITIALIZED_DATA | MEM_READ | MEM_WRITE
.rsrc   737KB     736KB         CNT_INITIALIZED_DATA | MEM_READ
.reloc  301KB     300KB         CNT_INITIALIZED_DATA | MEM_DISCARDABLE | MEM_READ

Notes on the layout: no section is both writable and executable. CONST is flagged as code and executable despite its name and 48-byte virtual size; it is tiny, but an executable section outside .text is worth a look in a disassembler. .data is the only writable section, and its virtual size (660KB) is well above the 117KB stored on disk, so roughly 540KB of it is zero-filled at load. The .reloc section is what makes the DYNAMIC_BASE flag effective. The 4.0MB .text and the large .rdata and .rsrc sections are consistent with the statically linked GUI application the import table suggests.
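The checks behind the Headers and Sections data above (the DllCharacteristics flags, the empty security data directory that the "Unsigned PE" signature keys on, and the per-section flags) can be reproduced with a few struct reads. The script below is an added example written for this page, not the sandbox's code. It uses only the Python standard library and a constructed, header-only PE32 image that copies the flags and section names reported above; the raw/virtual sizes and RVAs in that constructed image are placeholders, not the real sample's, so its digests will not match the General section.

```python
"""Header-level PE triage for the fields this report lists (added example).

Written for this page, not the sandbox's own code. Uses only the standard
library and a constructed, header-only PE32 image that copies the flags and
section layout reported above; raw/virtual sizes in it are placeholders.
"""
import hashlib
import struct

DLL_FLAGS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
             0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x1000: "APPCONTAINER",
             0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
FILE_FLAGS = {0x0002: "EXECUTABLE_IMAGE", 0x0100: "32BIT_MACHINE", 0x2000: "DLL"}
SCN_FLAGS = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
             0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
             0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: where an Authenticode signature lives


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def build_pe32(file_chars, dll_chars, sections, cert_size=0):
    """Constructed sample: DOS stub, PE signature, COFF + optional header, section table."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)              # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)                                           # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)                          # magic: PE32
    struct.pack_into("<H", opt, 70, dll_chars)                     # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)                            # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, 0x1000 if cert_size else 0, cert_size)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), vsize,
                    0x1000 * (i + 1), rsize, 0x400 * (i + 1), 0, 0, 0, 0, flags)
        for i, (name, rsize, vsize, flags) in enumerate(sections))
    return dos + b"PE\0\0" + coff + bytes(opt) + table


def parse_pe(data):
    """Return machine, characteristic flags, signature presence and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    dirs = opt + (96 if magic == 0x10B else 112)                   # PE32 vs PE32+
    _cert_off, cert_size = struct.unpack_from("<II", data, dirs + 8 * SECURITY_DIR)
    sections = []
    for i in range(nsect):
        raw = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": raw[0].rstrip(b"\0").decode(), "vsize": raw[1],
                         "rsize": raw[3], "flags": flag_names(raw[9], SCN_FLAGS)})
    return {"machine": machine, "file_chars": flag_names(file_chars, FILE_FLAGS),
            "dll_chars": flag_names(dll_chars, DLL_FLAGS),
            "authenticode": cert_size != 0, "sections": sections}


def triage(data):
    """Findings an analyst pulls from headers alone; each is a lead, not a verdict."""
    info = parse_pe(data)
    findings = []
    if not info["authenticode"]:
        findings.append("unsigned: security directory empty (no embedded Authenticode signature)")
    for flag in ("DYNAMIC_BASE", "NX_COMPAT", "GUARD_CF"):
        if flag not in info["dll_chars"]:
            findings.append(f"mitigation missing: {flag}")
    for sec in info["sections"]:
        flags = set(sec["flags"])
        if {"MEM_EXECUTE", "MEM_WRITE"} <= flags:
            findings.append(f"W+X section: {sec['name']}")
        elif "MEM_EXECUTE" in flags and sec["name"] != ".text":
            findings.append(f"executable section outside .text: {sec['name']}")
    return findings


def digests(data):
    """The same digest set the General section lists (sha512/ssdeep omitted)."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


# Constructed sample mirroring the report: x86, EXECUTABLE_IMAGE|32BIT_MACHINE,
# DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, no certificate table.
SAMPLE = build_pe32(0x0102, 0x8140, [
    (".text", 0x400000, 0x400000, 0x60000020), ("CONST", 512, 48, 0x60000020),
    (".rdata", 0xB2400, 0xB2000, 0x40000040), (".data", 0x1D400, 0xA5000, 0xC0000040),
    (".rsrc", 0xB8400, 0xB8000, 0x40000040), (".reloc", 0x4B400, 0x4B000, 0x42000040)])

if __name__ == "__main__":
    for line in triage(SAMPLE):
        print(line)
```

Run against a real file, `parse_pe(open(path, "rb").read())` gives the same three answers the report does: the flag names under Headers, whether the certificate table is populated, and the section flags. A populated security directory only means a signature blob is present; validating it (chain, timestamp, revocation) needs WinVerifyTrust or an equivalent, which this script does not attempt.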