2024-06-27_94c867bdf4c879767818943357314827_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-27_94c867bdf4c879767818943357314827_avoslocker
Size

11.7MB
MD5

94c867bdf4c879767818943357314827
SHA1

720c1cd7657ffb5ae1e2d828c16ef3c1024cffbc
SHA256

a58fac66e921182854705df126b1ebac64c15ddcd76cfc4a6908949793973ee3
SHA512

f7f48b82ecd33fbb062fdb7677561a378541c97743c90b5b6a3586cc4c75adbcbdef7c2d05c5b51fb623f3c077592cc638a0a18adafb261419d1de5a395e4a51
SSDEEP

196608:vsdzYRzrWnxvEaipjLxGQNGSBFi9FZ3MLBYZ1HDoP72k31BMeAF0IGSgMMMSGqif:vsdlo2LJhQ+4Dgnc++WCI6g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-27_94c867bdf4c879767818943357314827_avoslocker

Files

2024-06-27_94c867bdf4c879767818943357314827_avoslocker
.exe windows:6 windows x86 arch:x86

687f45c39448000bd622a12ab7f1d5e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Descargas\alldbo\DBOC\dbog-source\DboClient\DragonBall\Client.pdb

Imports

winmm

timeGetTime

d3dx9_27

D3DXCreateEffect
D3DXMatrixTranslation
D3DXVec3Transform
D3DXMatrixRotationYawPitchRoll
D3DXVec3TransformCoord
D3DXVec3TransformNormal
D3DXMatrixMultiplyTranspose
D3DXMatrixRotationZ
D3DXVec4Transform
D3DXVec3Normalize
D3DXQuaternionSlerp
D3DXPlaneNormalize
D3DXPlaneFromPoints
D3DXCreateEffectFromFileA
D3DXMatrixPerspectiveFovLH
D3DXVec3CatmullRom
D3DXMatrixMultiply
D3DXMatrixTranspose
D3DXAssembleShader

devil

ilSaveImage
ilLoadImage
ilShutDown
ilInit

kernel32

GetCommandLineA
GetOEMCP
IsValidCodePage
SetStdHandle
RemoveDirectoryW
CreatePipe
CreateFileW
MoveFileExW
GetFileAttributesExW
GetExitCodeProcess
DeleteFileW
HeapReAlloc
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetCommandLineW
GetEnvironmentStringsW
GetFileSizeEx
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
FreeEnvironmentStringsW
HeapSize
SetEndOfFile
GetDiskFreeSpaceA
SetErrorMode
CreateEventA
ResumeThread
SuspendThread
CloseHandle
WaitForSingleObject
Sleep
InitializeCriticalSection
FindNextFileA
SetCurrentDirectoryA
CreateMutexA
GetCurrentThread
IsBadWritePtr
FormatMessageA
GetCurrentProcess
OutputDebugStringA
GetModuleFileNameA
SetUnhandledExceptionFilter
CreateDirectoryA
FindClose
FindFirstFileA
GetCurrentDirectoryA
LeaveCriticalSection
EnterCriticalSection
lstrlenW
DecodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
MultiByteToWideChar
GetTickCount
GetACP
WideCharToMultiByte
DeleteFileA
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
WriteFile
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
SetFilePointer
GetOverlappedResult
InterlockedExchangeAdd
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileExW
WriteConsoleW
GetModuleFileNameW
GetFileType
GetStdHandle
CreateProcessW
InterlockedCompareExchange
InterlockedExchange
DuplicateHandle
GetTempPathW
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetFullPathNameW
GetDriveTypeW
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
ReleaseSemaphore
RtlUnwind
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
GetFileInformationByHandle
PeekNamedPipe
CreateSemaphoreA
GetLocaleInfoW
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
lstrcmpiA
lstrlenA
GetFullPathNameA
GetSystemDirectoryA
SetThreadAffinityMask
SetThreadPriority
ReleaseMutex
GetCPInfo
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
GetLocalTime
LoadLibraryExA
SetFileAttributesA
GetFileAttributesA
FormatMessageW
CreateFileA
GetFileSize
GlobalMemoryStatus
GetSystemTime
GetCurrentThreadId
GetCurrentProcessId
AllocConsole
SetConsoleMode
SetConsoleTitleA
SetConsoleTextAttribute
WriteConsoleA
GetConsoleTitleA
FreeConsole
GetSystemDirectoryW
LoadLibraryW
CompareStringA
HeapAlloc
GetProcessHeap
HeapFree
SetEvent
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
QueryPerformanceCounter
lstrcpyW
LocalFree
GetLogicalDrives
GetDriveTypeA
QueryPerformanceFrequency
K32GetProcessMemoryInfo
GetStringTypeW
EncodePointer
LCMapStringEx
CompareStringEx

user32

GetFocus
GetKeyState
FillRect
AdjustWindowRect
CreateWindowExA
GetWindowRect
GetClientRect
SetWindowPos
SystemParametersInfoA
UpdateWindow
SetWindowLongA
CharUpperA
DestroyWindow
BeginPaint
EndPaint
EmptyClipboard
OpenClipboard
GetKeyboardLayoutList
DefWindowProcA
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
GetDC
GetKeyboardLayout
GetDoubleClickTime
SetDoubleClickTime
SetWindowLongW
IsWindowVisible
GetMenu
AdjustWindowRectEx
GetWindowLongW
GetClipboardData
ScreenToClient
DrawMenuBar
PostMessageW
CloseClipboard
SendMessageW
SetClipboardData
FindWindowA
wvsprintfA
GetSystemMetrics
RegisterClassA
LoadIconA
SetCapture
ReleaseCapture
MessageBoxA
LoadAcceleratorsA
GetCursorPos
SetCursorPos
ShowCursor
SetCursor
SetClassLongA
LoadCursorFromFileA
LoadCursorA
PostQuitMessage
MapVirtualKeyA
IsIconic
RegisterWindowMessageA
DeleteMenu
GetSystemMenu
ShowWindow
ReleaseDC
GetKeyboardState
ToAscii
GetAsyncKeyState

shell32

ShellExecuteExA
DragAcceptFiles

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

fmod

?release@DSP@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setActive@DSP@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?addDSP@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@HPAVDSP@2@@Z
?createDSPByType@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_DSP_TYPE@@PAPAVDSP@2@@Z
?get3DListenerAttributes@System@FMOD@@QAG?AW4FMOD_RESULT@@HPAUFMOD_VECTOR@@000@Z
?getChannelsPlaying@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH0@Z
?update@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setPaused@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PAVSound@2@PAVChannelGroup@2@_NPAPAVChannel@2@@Z
?set3DListenerAttributes@System@FMOD@@QAG?AW4FMOD_RESULT@@HPBUFMOD_VECTOR@@000@Z
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?close@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?release@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?addGroup@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAV12@_NPAPAVDSPConnection@2@@Z
?createChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVChannelGroup@2@@Z
?setVolume@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getMasterChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVChannelGroup@2@@Z
?set3DSettings@System@FMOD@@QAG?AW4FMOD_RESULT@@MMM@Z
?setStreamBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@II@Z
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
FMOD_System_Create
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?createStream@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?setMute@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getName@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PADH@Z
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setVolumeRamp@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getDSPClock@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PA_K0@Z
?getSoftwareFormat@System@FMOD@@QAG?AW4FMOD_RESULT@@PAHPAW4FMOD_SPEAKERMODE@@0@Z
?stop@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setChannelGroup@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAVChannelGroup@2@@Z
?getPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?getMute@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?setPitch@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getNumChannels@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getMode@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?isPlaying@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?getMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?setMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?get3DAttributes@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAUFMOD_VECTOR@@0@Z
?get3DMinMaxDistance@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAM0@Z
?set3DMinMaxDistance@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@MM@Z
?set3DAttributes@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@0@Z
?addFadePoint@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_KM@Z

bugtrap

BT_SetFlags
BT_SetAppVersion
BT_SetAppName
BT_AddLogFile
BT_SetSupportServer
BT_SetSupportURL

discord-rpc

Discord_UpdatePresence
Discord_RunCallbacks
Discord_Initialize
Discord_Shutdown

netapi32

NetWkstaTransportEnum
NetApiBufferFree

ddraw

DirectDrawCreateEx

ws2_32

ntohl
gethostname
recvfrom
sendto
inet_addr
socket
WSASetLastError
getservbyport
gethostbyaddr
getservbyname
htonl
accept
ntohs
htons
recv
send
connect
setsockopt
ioctlsocket
listen
bind
WSASocketA
WSACreateEvent
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAEventSelect
WSACloseEvent
closesocket
shutdown
WSACleanup
WSAStartup
WSAGetLastError
inet_ntoa
gethostbyname

imm32

ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmGetContext

d3dx9_42

D3DXLoadSurfaceFromSurface
D3DXCompileShader
D3DXLoadSurfaceFromMemory

d3d9

Direct3DCreate9

gdi32

SetViewportOrgEx
SetWindowOrgEx
GetDeviceCaps
SetTextAlign
CreateFontIndirectW
SetMapMode
CreateSolidBrush
SetTextColor
TextOutW
GetDeviceGammaRamp
SetDeviceGammaRamp
GetTextExtentPoint32W
ModifyWorldTransform
RemoveFontResourceExW
AddFontResourceExW
DeleteDC
GetTextMetricsW
SetBkMode
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteObject
DPtoLP
SetGraphicsMode

advapi32

CryptCreateHash
CryptDestroyHash
CryptSetKeyParam
CryptDeriveKey
CryptHashData
CryptDecrypt
CryptEncrypt
CryptDestroyKey
CryptAcquireContextA
CryptReleaseContext

Sections

.text
Size: 9.5MB - Virtual size: 9.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

687f45c39448000bd622a12ab7f1d5e2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

d3dx9_27

devil

kernel32

user32

shell32

ole32

oleaut32

fmod

bugtrap

discord-rpc

netapi32

ddraw

ws2_32

imm32

d3dx9_42

d3d9

gdi32

advapi32

Sections

.text Size: 9.5MB - Virtual size: 9.5MB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 223KB - Virtual size: 760KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 524KB - Virtual size: 523KB

.text
Size: 9.5MB - Virtual size: 9.5MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 223KB - Virtual size: 760KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 524KB - Virtual size: 523KB