Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-08_0de4a01a5189fe69fe30ed88e1eb4a25_avoslocker_cobalt-strike.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2024-07-08_0de4a01a5189fe69fe30ed88e1eb4a25_avoslocker_cobalt-strike.exe
Resource: win10v2004-20240704-en
Target: 2024-07-08_0de4a01a5189fe69fe30ed88e1eb4a25_avoslocker_cobalt-strike
Size: 946KB
MD5: 0de4a01a5189fe69fe30ed88e1eb4a25
SHA1: 2d6dc5f1c602da5c5d4022a5cdc4cd7d185c7476
SHA256: cf327e4ee552e0f96ae9fdc3a020563be3dc47efba5caf7183858c6f9c71bea2
SHA512: 44632a0d5605025ccabad3e3cc84543a7917cbbc3de0f2ee2eb2c66d4fccdd76702d08efa88bc9558aefd83a51d041b680b40ef83236abde24977155fd31dd0f
SSDEEP: 12288:fFGinO96l5p1hgTOPrGYDfJtW7C8z2eYFKYKOQKQ95uEPZugq6bbColc+M008O:fF5OY5p1+ydfGCKOQKoZbCoWPB8O
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
CallNtPowerInformation
CertFreeCertificateChainEngine
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryA
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
closesocket
WSAGetLastError
recv
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
WSASetLastError
WSAIoctl
WSAStartup
WSACleanup
__WSAFDIsSet
select
accept
getaddrinfo
send
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
htonl
WSAEventSelect
WSAResetEvent
listen
ioctlsocket
freeaddrinfo
WSAWaitForMultipleEvents
IdnToAscii
GetModuleHandleW
GetProcAddress
FormatMessageW
HeapFree
GetProcessHeap
GetTickCount64
DeleteFileW
CreateFileW
GetFileSizeEx
SetFilePointer
SetEndOfFile
CloseHandle
WriteFile
CreateThread
WaitForSingleObject
WaitForMultipleObjects
MoveFileExW
GetExitCodeProcess
CreateEventW
SetEvent
ReadFile
HeapAlloc
LoadLibraryW
FreeLibrary
CreateDirectoryW
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesW
GetModuleFileNameW
ExpandEnvironmentStringsW
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetLocalTime
GetCommandLineW
GetSystemTimeAsFileTime
IsWow64Process
GetCurrentProcess
GetDiskFreeSpaceExW
SizeofResource
GlobalLock
GlobalFree
GlobalUnlock
GetTickCount
CreateMutexW
ReleaseMutex
AllocConsole
GetStdHandle
LocalFree
GlobalMemoryStatusEx
GetSystemInfo
LocalAlloc
GetNativeSystemInfo
GetLocaleInfoA
GetVolumeInformationW
SetLastError
InitializeCriticalSectionEx
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
QueryPerformanceCounter
WaitForSingleObjectEx
GetEnvironmentVariableA
MoveFileExA
CreateFileA
LockResource
LCMapStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwind
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
LoadResource
FindResourceW
VerifyVersionInfoW
VerSetConditionMask
Sleep
GetLastError
TlsFree
LoadLibraryExW
SetStdHandle
GetFileType
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DecodePointer
EncodePointer
GetStringTypeW
ReadConsoleW
GetConsoleOutputCP
HeapReAlloc
HeapSize
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetFilePointerEx
GetFileAttributesExW
FreeResource
GetCurrentDirectoryW
GetFullPathNameW
FlushFileBuffers
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetConsoleMode
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
GlobalAlloc
VirtualQuery
LockWindowUpdate
GetSysColorBrush
SetCursorPos
GetCursorPos
ReleaseCapture
SetCapture
GetFocus
GetSystemMetrics
EndPaint
FrameRect
BeginPaint
GetDlgCtrlID
IsWindowEnabled
GetDC
ReleaseDC
ShowScrollBar
SetScrollInfo
SetScrollPos
DrawIconEx
MapDialogRect
CharLowerA
MonitorFromPoint
SetFocus
DrawTextW
FillRect
KillTimer
GetWindowTextW
GetWindowTextLengthW
TrackMouseEvent
GetSysColor
MoveWindow
ClientToScreen
SetForegroundWindow
UpdateWindow
ShowWindow
GetDlgItem
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
SendMessageW
RedrawWindow
SetWindowPos
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
PostMessageW
EnableWindow
SetWindowTextW
DefWindowProcW
GetWindowLongW
DestroyWindow
UnregisterClassW
SetWindowLongW
CreateWindowExW
GetDesktopWindow
RegisterClassExW
GetParent
MapWindowPoints
GetWindowRect
SetTimer
ShowCursor
SetCursor
DestroyCursor
LoadCursorW
CharUpperW
MessageBoxW
SetClassLongW
PostQuitMessage
LoadIconW
DestroyIcon
FlashWindow
GetClientRect
EnumChildWindows
CreateFontIndirectW
GetBkColor
DeleteObject
GetStockObject
SetBkColor
SetDCBrushColor
GetDeviceCaps
CreateSolidBrush
AddFontMemResourceEx
SetDIBits
BitBlt
StretchBlt
SetStretchBltMode
CreatePen
GetTextColor
SelectObject
SetBkMode
CreateCompatibleBitmap
SetTextColor
GetDIBits
GetBkMode
DeleteDC
CreateCompatibleDC
CryptReleaseContext
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptAcquireContextA
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
ShellExecuteExW
SHGetFolderPathW
ord171
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
CommandLineToArgvW
SHGetMalloc
StringFromGUID2
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoCreateGuid
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
PathFileExistsW
ord410
ord412
InitCommonControlsEx
ord413
GdipDrawImageRectI
GdiplusStartup
GdiplusShutdown
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStream
GdipImageSelectActiveFrame
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipAlloc
GdipFree
timeKillEvent
timeSetEvent
UuidToStringW
RpcStringFreeW
UuidCreate
GradientFill
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ