2024-06-24_dabac6bb8cef65e6e1df0de67b29d8d8_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-24_dabac6bb8cef65e6e1df0de67b29d8d8_avoslocker
Size

4.2MB
MD5

dabac6bb8cef65e6e1df0de67b29d8d8
SHA1

7d5cdd7fc2f2bd51608c3c830458268db5dd4797
SHA256

375dc6afbf46f0dca5397fe34a6a9cd0d8d64d851dad3393438dde0b3c416676
SHA512

697f915e5f1cb1600d62452a03520c7eb5a2fbcee8b45708387e0ebbb72c7ab40aaec69f2b6ca4a36ad18a20c210f427837811c8460bb4ad58672653a37d2b34
SSDEEP

98304:E1osB3Pfy8UElgSl89SBvH3ATjvW2rMKygDFLOAkGkzdnEVomFHKnPmvhZ:E1osB3PyC8rbW2rMKygDFLOyomFHKnPU

Score

1^/10

Malware Config

Signatures

Files

2024-06-24_dabac6bb8cef65e6e1df0de67b29d8d8_avoslocker
.exe windows:6 windows x86 arch:x86

a62499bed00739299e69d27c73dfaacb

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

31/12/2021, 14:10

Not After

10/02/2025, 13:32

Subject

SERIALNUMBER=02973414,CN=PARAMOUNT SOFTWARE UK LIMITED,O=PARAMOUNT SOFTWARE UK LIMITED,STREET=Unit 13 Lloyd Street North\, Manchester Science Park,L=Manchester,ST=Greater Manchester,C=GB,1.3.6.1.4.1.311.60.2.1.3=#13024742,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

00:97:ff:ab:f5:8c:c8:48:4e:05:b6:9b:f0:5b:83:9f:0a:9e:1f:58:7f:7e:27:5f:d0:6d:f0:c0:fa:5c:ce:1c
Signer

Actual PE Digest

00:97:ff:ab:f5:8c:c8:48:4e:05:b6:9b:f0:5b:83:9f:0a:9e:1f:58:7f:7e:27:5f:d0:6d:f0:c0:fa:5c:ce:1c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\develop-reflect-8\release\x86\working\WebView2.pdb

Imports

webview2loader

GetAvailableCoreWebView2BrowserVersionString
CreateCoreWebView2EnvironmentWithOptions

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
ExitProcess
GetStdHandle
GetFileType
FindNextFileW
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
FindFirstFileExW
IsValidCodePage
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
GetUserDefaultLCID
GetOEMCP
GetTempFileNameW
GetWindowsDirectoryW
FindResourceExW
SearchPathW
GetProfileIntW
GetTickCount
Sleep
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
SetFilePointer
FileTimeToSystemTime
VirtualProtect
GlobalGetAtomNameW
GetFileSize
GetFileAttributesW
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
CopyFileW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalSize
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GetSystemDirectoryW
EncodePointer
LoadLibraryA
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
MultiByteToWideChar
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThread
OutputDebugStringA
GetTempPathW
CreateSemaphoreExW
CreateMutexExW
GetCurrentProcessId
FindResourceW
LoadResource
LockResource
SizeofResource
OpenSemaphoreW
WaitForSingleObject
SetLastError
OutputDebugStringW
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
DebugBreak
GetModuleFileNameA
GetModuleHandleExW
GetCurrentThreadId
FormatMessageW
WaitForSingleObjectEx
ReleaseSemaphore
ReleaseMutex
CloseHandle
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
SwitchToThread
EnterCriticalSection
HeapFree
WriteConsoleW
SetStdHandle

user32

SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
IntersectRect
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
InvalidateRect
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetCursorPos
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetWindowThreadProcessId
EnumDisplayMonitors
SystemParametersInfoW
LoadCursorW
SetRectEmpty
SetLayeredWindowAttributes
GetDesktopWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
DestroyIcon
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
LoadImageW
TrackMouseEvent
IsZoomed
UnregisterClassW
IsWindow
LoadIconW
GetClientRect
SendMessageW
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
CharUpperW
GetAsyncKeyState
LoadMenuW
GetSystemMenu
MessageBeep
NotifyWinEvent
SetCursorPos
SetRect
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
IsChild
IsMenu
GetKeyboardLayout
GetIconInfo
CopyIcon
GetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
EmptyClipboard
GetParent
PostQuitMessage
IsIconic
GetSystemMetrics
DrawIcon
EnableWindow
PostMessageW
RegisterWindowMessageW
DrawEdge
DrawFrameControl
IsWindowVisible
GetFocus
DrawStateW
SetWindowRgn
RedrawWindow
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
SendDlgItemMessageA
MapDialogRect
ToUnicodeEx
InvertRect
HideCaret
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetNextDlgGroupItem
PostThreadMessageW
IsClipboardFormatAvailable
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
SubtractRect
GetKeyNameTextW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
UpdateLayeredWindow
CopyAcceleratorTableW
CreateAcceleratorTableW
LoadAcceleratorsW
MapVirtualKeyW
GetKeyboardState
CopyRect

gdi32

SetTextColor
GetObjectW
CopyMetaFileW
CreateDCW
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesW
GetStockObject
GetTextCharsetInfo
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
SetBkColor
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateSolidBrush
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
CreateRectRgnIndirect
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW

shell32

SHGetKnownFolderPath
ShellExecuteExW
ShellExecuteW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
DragQueryFileW
SHGetFileInfoW
SHAppBarMessage

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW
StrFormatKBSizeW
PathFindFileNameW
PathFindExtensionW

uxtheme

GetThemeSysColor
GetCurrentThemeName
GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
DrawThemeParentBackground

ole32

CoLockObjectExternal
OleGetClipboard
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RegisterDragDrop
DoDragDrop
CoDisconnectObject
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CoInitializeEx

oleaut32

SysStringLen
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantCopy
VarBstrFromDate
SysAllocStringLen
SysFreeString
VariantChangeType
VariantClear
SysAllocString

urlmon

URLDownloadToFileW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a62499bed00739299e69d27c73dfaacb

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

00:97:ff:ab:f5:8c:c8:48:4e:05:b6:9b:f0:5b:83:9f:0a:9e:1f:58:7f:7e:27:5f:d0:6d:f0:c0:fa:5c:ce:1cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

webview2loader

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

urlmon

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 373KB - Virtual size: 372KB

.data Size: 31KB - Virtual size: 49KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 146KB - Virtual size: 145KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

0e:a3:9d:c6:65:3a:dd:c1:6f:d0:a7:39
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

00:97:ff:ab:f5:8c:c8:48:4e:05:b6:9b:f0:5b:83:9f:0a:9e:1f:58:7f:7e:27:5f:d0:6d:f0:c0:fa:5c:ce:1c
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 373KB - Virtual size: 372KB

.data
Size: 31KB - Virtual size: 49KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 146KB - Virtual size: 145KB