2024-06-12_857ce696507a3011b634a50ffab02e18_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-12_857ce696507a3011b634a50ffab02e18_avoslocker
Size

1.7MB
MD5

857ce696507a3011b634a50ffab02e18
SHA1

5c02bd75e65ba44c19dd6f3b48cc13cfd3d38d59
SHA256

0578be6d8371966f759512ae3df3dfc0e0358c424100c450455f690b32888439
SHA512

e455ebeefcbd6f75157f05801a348fd5459f9b2928a49f0aa5a6563c6df15358f69789b602d697b1a5dc42bf0c838074c82abc95185a0f85185d19b32c7d5bd4
SSDEEP

24576:NihM6esN9qcTSl5FXk8esqjnhMgeiCl7G0nehbGZpbD:NlpmqcOl5FXsDmg27RnWGj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-12_857ce696507a3011b634a50ffab02e18_avoslocker

Files

2024-06-12_857ce696507a3011b634a50ffab02e18_avoslocker
.exe windows:6 windows x86 arch:x86

5145b21a36aac71eb43af0bb250fc102

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\u\workspace\nViewBranchBuilder_3S\sw\nview\v200\_out\Win32-Release\nViewMain.pdb

Imports

magnification

MagSetWindowSource
MagUninitialize
MagSetWindowTransform
MagInitialize

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

kernel32

WaitForSingleObject
CreateMutexW
lstrlenW
lstrcpyW
QueryPerformanceFrequency
SetEvent
CreateEventW
CreateProcessW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
SetEndOfFile
HeapSize
ReadConsoleW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReleaseMutex
GetACP
IsValidCodePage
FindFirstFileExW
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
lstrcatW
HeapAlloc
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
GetCommandLineA
GetLocalTime
RtlUnwind
RaiseException
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
GetCPInfo
GetLocaleInfoW
LCMapStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
QueryFullProcessImageNameW
MapViewOfFileEx
CreateFileMappingW
GetSystemInfo
UnmapViewOfFile
ResetEvent
OpenEventW
GetCurrentProcess
GetCurrentThread
SetThreadPriority
GetThreadPriority
IsWow64Process
GetModuleHandleW
GetProcAddress
FindClose
FindFirstFileW
GetFileAttributesW
GetLastError
SetFileAttributesW
lstrcpynW
FreeLibrary
OpenProcess
lstrcmpiW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
HeapFree
CloseHandle
lstrcmpW
GetExitCodeThread
ExitThread
GetCurrentThreadId
CreateThread
Sleep
GetSystemDirectoryW
FindNextFileW
WriteFile
GetOEMCP
K32GetModuleFileNameExW
K32EnumProcessModules
OpenThread
GetCommandLineW
GetVersionExW
QueryPerformanceCounter
FormatMessageW
GetCurrentProcessId
CreateFileW
GetFileSize
OutputDebugStringW
MulDiv
LoadLibraryW
GetUserDefaultUILanguage
VerifyVersionInfoW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
SetLastError
GetFullPathNameW
ExpandEnvironmentStringsW
VerSetConditionMask
LocalFree
LocalAlloc
ReadFile
GetTickCount
SetFilePointer

user32

ReleaseCapture
SetTimer
KillTimer
IsWindowEnabled
CreatePopupMenu
DestroyMenu
CheckMenuItem
EnableMenuItem
AppendMenuW
TrackPopupMenuEx
SetForegroundWindow
BeginPaint
EndPaint
SetFocus
GetWindowRect
GetCursorPos
WindowFromPoint
EqualRect
GetWindowLongW
CopyRect
EnumDisplayMonitors
RegisterWindowMessageW
CharUpperW
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplayDevicesW
SetCapture
IsIconic
IsWindowVisible
SetWindowPos
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
UnregisterClassW
RegisterClassW
PostQuitMessage
DefWindowProcW
PostMessageW
DisplayConfigGetDeviceInfo
IsWindow
DispatchMessageW
TranslateMessage
GetMessageW
TrackMouseEvent
InvalidateRect
GetForegroundWindow
SetProcessDPIAware
UnhookWindowsHookEx
SetWindowsHookExW
CheckMenuRadioItem
GetSysColorBrush
InsertMenuItemW
TrackPopupMenu
OffsetRect
IsRectEmpty
GetMonitorInfoW
MonitorFromRect
DestroyIcon
GetWindowThreadProcessId
FindWindowExW
WaitForInputIdle
SetRectEmpty
MsgWaitForMultipleObjects
RegisterDeviceNotificationW
PeekMessageW
LoadIconW
UpdateWindow
GetMenuItemInfoW
CreateMenu
SetMenu
GetSystemMetrics
RegisterClassExW
CloseDesktop
OpenInputDesktop
GetActiveWindow
UnregisterHotKey
RegisterHotKey
GetDesktopWindow
SetCursorPos
DialogBoxParamW
CreateDialogParamW
MoveWindow
ShowWindowAsync
MonitorFromPoint
GetAsyncKeyState
FindWindowW
SystemParametersInfoW
InflateRect
IntersectRect
SetWindowPlacement
UnhookWinEvent
SetWinEventHook
EnumWindows
SendMessageTimeoutW
PtInRect
ClientToScreen
GetPhysicalCursorPos
UnionRect
GetClassLongW
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
SendMessageW
wsprintfW
GetWindow
GetClientRect
GetWindowRgnBox
IsZoomed
GetWindowPlacement
GetLayeredWindowAttributes
PostThreadMessageW
GetParent
FillRect
ReleaseDC
GetWindowDC
GetDC
GetWindowTextW
GetAncestor
LoadCursorW
SetWindowLongW
MessageBoxW
CharLowerW
LoadImageW
ValidateRect
GetClassNameW
DrawIconEx
LoadStringW

gdi32

StretchBlt
TextOutW
MoveToEx
SetTextColor
SetBkMode
SetDCPenColor
SetDCBrushColor
RoundRect
LineTo
CreateFontIndirectW
GetTextExtentPoint32W
GetObjectW
SelectObject
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetStockObject
StrokeAndFillPath
GetDeviceCaps
CreatePen
BeginPath
EndPath

advapi32

GetUserNameW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegQueryInfoKeyW
SetEntriesInAclW
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegOpenCurrentUser
RegCreateKeyExW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegCopyTreeW
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
AllocateAndInitializeSid
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

SHCreateShellItemArrayFromShellItem
ExtractIconExW
ExtractIconW
Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
SHCreateItemFromParsingName
SHGetSpecialFolderPathW

ole32

StringFromGUID2
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString

oleaut32

SysAllocString
SysFreeString

shlwapi

StrRStrIW
ord487
SHCopyKeyW
StrStrIW
SHDeleteKeyW

gdiplus

GdipCreatePen1
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawPath
GdipFillPath
GdiplusStartup
GdiplusShutdown
GdipCreatePen2
GdipSetPenWidth
GdipDeleteBrush
GdipCloneImage
GdipStartPathFigure
GdipCreateBitmapFromHICON
GdipCloneBrush
GdipAddPathArcI
GdipSetSmoothingMode
GdipDrawArcI
GdipDeletePath
GdipCreatePath
GdipFree
GdipAlloc
GdipCreateSolidFill
GdipLoadImageFromFile
GdipClosePathFigure
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDrawImageRect
GdipFillRectangleI
GdipDisposeImage
GdipDrawRectangleI
GdipDeletePen

dwmapi

DwmGetWindowAttribute
DwmIsCompositionEnabled

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference

Sections

.text
Size: 546KB - Virtual size: 546KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 438KB - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 592KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5145b21a36aac71eb43af0bb250fc102

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

magnification

wtsapi32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

dwmapi

version

api-ms-win-core-winrt-string-l1-1-0

Sections

.text Size: 546KB - Virtual size: 546KB

.rdata Size: 133KB - Virtual size: 132KB

.data Size: 10KB - Virtual size: 25KB

.rsrc Size: 438KB - Virtual size: 438KB

.reloc Size: 592KB - Virtual size: 596KB

.text
Size: 546KB - Virtual size: 546KB

.rdata
Size: 133KB - Virtual size: 132KB

.data
Size: 10KB - Virtual size: 25KB

.rsrc
Size: 438KB - Virtual size: 438KB

.reloc
Size: 592KB - Virtual size: 596KB