2024-06-25_b505520812bfd04d5008af91059f19e1_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-25_b505520812bfd04d5008af91059f19e1_avoslocker
Size

1.2MB
MD5

b505520812bfd04d5008af91059f19e1
SHA1

2d4a574bf1ced87dd1c02835447986464048e53a
SHA256

d88e2224e5c1d54d69cdc72924f681254d1ac95e7cb9f4ff1152bd25c5d8d055
SHA512

5c24e9402eb45d4e0d5fcc5e17c2989f23abdce2068410c6aa2b47ecb2d0c899f31f9bfe219c414da0cbf4b1a3cdcd65785fa68fe1de668c90f68a2f11fb6480
SSDEEP

24576:vYanIto2rEqXvh30UbpTOaNLjvQp+HIa3lR2bMHiL+jM:vxnItPW4y3GIafy+i6M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-25_b505520812bfd04d5008af91059f19e1_avoslocker

Files

2024-06-25_b505520812bfd04d5008af91059f19e1_avoslocker
.exe windows:6 windows x86 arch:x86

54d5c6b777279a72a688558501647d1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
WideCharToMultiByte
QueryPerformanceCounter
CreateDirectoryW
GetVolumeInformationW
GetLogicalDrives
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
GetFileAttributesW
GetLastError
DeleteFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
CloseHandle
WaitForSingleObject
CreateThread
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
CreateFileW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
QueryPerformanceFrequency
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LocalFree
LockFileEx
GetFileSize
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
GetTickCount
FlushFileBuffers
DecodePointer
WriteConsoleW
GetStringTypeW
Sleep
MultiByteToWideChar
GetModuleFileNameW
SetEnvironmentVariableW
FreeEnvironmentStringsW
WaitForMultipleObjects
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetStdHandle
GetTimeZoneInformation
GetFileSizeEx
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
CreateProcessW
GetExitCodeProcess
SetConsoleTitleW
CreateFileA
GetConsoleWindow
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
RaiseException
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetFileType
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
ExitProcess
GetCommandLineA
GetCommandLineW
CompareStringW
LCMapStringW

user32

ShowWindow
MessageBoxW

advapi32

RegOpenKeyExW
RegQueryValueExW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW

ws2_32

inet_addr
send
socket
connect
recvfrom
recv
htonl
accept
closesocket
ioctlsocket
setsockopt
WSAGetLastError
WSACleanup
WSAStartup
listen
sendto
bind
htons
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSACloseEvent

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54d5c6b777279a72a688558501647d1e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 113KB - Virtual size: 112KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 39KB - Virtual size: 39KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 113KB - Virtual size: 112KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 39KB - Virtual size: 39KB