Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
2024-08-14_d48be876f95f2df347ff1c9e59e7373d_avoslocker_hijackloader.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2024-08-14_d48be876f95f2df347ff1c9e59e7373d_avoslocker_hijackloader.exe
Resource
win10v2004-20240802-en
Target
2024-08-14_d48be876f95f2df347ff1c9e59e7373d_avoslocker_hijackloader
Size
4.0MB
MD5
d48be876f95f2df347ff1c9e59e7373d
SHA1
d542602021369a4640f71016c3de0e67cf527f03
SHA256
186b3429bd91f133613c78caacfcde2702503adf2a0fee22af7cfe75561bb11e
SHA512
b362fb8d9c7fb4108649fc6871ffbe528637ed10338efd71295a8885a79d1cfdb09df8829533498385e46d47304efaf65f8350afa8adf0e9b884ba98c012df2b
SSDEEP
98304:BRCtwhkfo6gkLixR0BSChYzwrZ7ABgKuB:HCt5gkLAR0BBhSwVABgKm
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
C:\drone\src\build_output\Win32\Release\csc_ui.pdb
CryptProtectData
CertGetNameStringW
CryptUnprotectData
PlaySoundW
WTSQuerySessionInformationW
WTSEnumerateSessionsExW
WTSFreeMemoryExW
WTSFreeMemory
StringFromGUID2
OleUninitialize
CoGetClassObject
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID
OleInitialize
CoTaskMemRealloc
CLSIDFromString
OleLockRunning
CoInitializeEx
CoTaskMemAlloc
CoUninitialize
CreateStreamOnHGlobal
GetProcessHeap
GetCurrentProcessId
CreateMutexExW
GetProcAddress
HeapAlloc
OpenSemaphoreW
WaitForSingleObjectEx
AreFileApisANSI
DeviceIoControl
SetEndOfFile
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
ReadConsoleW
SetStdHandle
GetCurrentDirectoryW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
WriteFile
GetStdHandle
ExitProcess
GetTimeZoneInformation
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
GetStartupInfoW
UnhandledExceptionFilter
GetLocaleInfoEx
OutputDebugStringW
GetEnvironmentVariableW
GetSystemTimeAsFileTime
GetCPInfo
CompareStringEx
LCMapStringEx
QueryPerformanceCounter
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetStringTypeW
FormatMessageA
GetExitCodeThread
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
FileTimeToLocalFileTime
MapViewOfFile
CreateFileMappingW
GetFileSize
UnmapViewOfFile
ReadFile
GetSystemDirectoryW
TlsFree
TlsGetValue
TlsAlloc
LocalAlloc
TlsSetValue
GetLocaleInfoW
GetTickCount
Sleep
WaitForMultipleObjects
SetUnhandledExceptionFilter
GetLocalTime
DeleteFileW
SetErrorMode
GetFullPathNameW
FindFirstFileW
GetFileAttributesExW
FindClose
FindNextFileW
FindFirstFileExW
CreateDirectoryW
ReadDirectoryChangesW
CancelIo
GetTempPathW
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
OutputDebugStringA
CreateFileW
GetFileAttributesW
lstrcpyW
CreateProcessW
ProcessIdToSessionId
LoadLibraryExW
lstrcmpW
SetDllDirectoryW
FreeLibrary
FindResourceW
LoadResource
LoadLibraryW
GetModuleFileNameW
SizeofResource
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExW
LocalFree
GetCommandLineW
lstrcmpiW
CompareStringW
IsDebuggerPresent
FormatMessageW
MultiByteToWideChar
ReleaseMutex
lstrlenA
GetModuleHandleExW
ReleaseSemaphore
SetLastError
HeapFree
CreateSemaphoreExW
GetModuleFileNameA
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
VerifyVersionInfoW
VerSetConditionMask
OpenMutexW
WideCharToMultiByte
CloseHandle
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
CreateMutexW
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
MulDiv
GetModuleHandleW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
lstrlenW
TerminateProcess
GetCurrentProcess
DebugBreak
EnableMenuItem
GetDesktopWindow
KillTimer
SetRect
DrawTextW
GetDlgItem
GetClientRect
SetWindowLongW
FlashWindow
MoveWindow
GetSysColor
FrameRect
DrawStateW
MapWindowPoints
GetDlgCtrlID
GetMonitorInfoW
DestroyIcon
IsDialogMessageW
SetTimer
OffsetRect
IsWindow
ShowWindow
LoadStringW
SetWindowTextW
UnregisterClassW
SendMessageW
ScreenToClient
CreateWindowExW
UpdateWindow
SetActiveWindow
MonitorFromWindow
SetWindowPos
GetDC
InflateRect
DestroyWindow
GetWindowRect
GetWindow
PostMessageW
CallWindowProcW
GetSystemMenu
DefWindowProcW
GetWindowTextLengthW
GetWindowLongW
SetFocus
MessageBoxW
EnumWindows
CopyRect
GetSystemMetrics
GetWindowThreadProcessId
GetKeyState
SystemParametersInfoW
SetParent
GetClassNameW
LoadCursorW
CharNextW
EndDialog
GetActiveWindow
AnimateWindow
GetParent
LoadImageW
SetForegroundWindow
MsgWaitForMultipleObjects
InvalidateRect
ReleaseDC
BeginPaint
EndPaint
EnableWindow
GetWindowTextW
FillRect
IsWindowVisible
GetDlgItemInt
SetDlgItemInt
GetMenuItemID
DeleteMenu
DrawMenuBar
InsertMenuW
DrawIconEx
CopyImage
GetWindowPlacement
SetWindowPlacement
IsIconic
DestroyCursor
LoadIconW
CreateDialogParamW
GetMenuItemInfoW
MapVirtualKeyW
CheckMenuRadioItem
GetMenuItemCount
LoadStringA
MessageBeep
CreatePopupMenu
GetKeyboardState
SetMenuItemInfoW
SetMenuDefaultItem
GetForegroundWindow
SetMenu
ToUnicode
TrackPopupMenuEx
PostQuitMessage
DialogBoxParamW
AppendMenuW
CheckMenuItem
GetCapture
DrawFocusRect
IsWindowEnabled
SetCursor
SetRectEmpty
PtInRect
EnumDisplaySettingsW
GetMessageW
LoadAcceleratorsW
InvalidateRgn
DispatchMessageW
RedrawWindow
ClientToScreen
DestroyAcceleratorTable
PeekMessageW
IsChild
CreateAcceleratorTableW
TranslateMessage
FindWindowW
SetCapture
RegisterWindowMessageW
ReleaseCapture
SetClipboardData
GetCursorPos
ModifyMenuW
LoadMenuW
MonitorFromPoint
TrackPopupMenu
GetSubMenu
OpenClipboard
CloseClipboard
EmptyClipboard
DestroyMenu
RemoveMenu
DrawIcon
AdjustWindowRectEx
GetMenu
RegisterClassExW
GetClassInfoExW
GetFocus
ShowScrollBar
EnableScrollBar
SetScrollRange
SetScrollPos
ScrollWindow
ExcludeClipRect
GetTextMetricsW
TextOutW
GetCurrentObject
GetBkColor
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
DeleteDC
GetTextExtentPoint32W
SetTextColor
SetBkMode
SetViewportOrgEx
GetObjectW
GetTextColor
SetBkColor
DeleteObject
CreateSolidBrush
CreateFontIndirectW
ExtTextOutW
DPtoLP
GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW
GetTokenInformation
RegisterEventSourceA
DeregisterEventSource
LookupPrivilegeValueW
AdjustTokenPrivileges
EqualSid
GetSidSubAuthorityCount
AllocateAndInitializeSid
GetSidSubAuthority
OpenProcessToken
FreeSid
SetThreadToken
DuplicateTokenEx
LookupAccountSidW
GetSidIdentifierAuthority
ReportEventA
RegQueryValueExW
RegOpenKeyExW
CreateProcessAsUserW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
EventRegister
EventSetInformation
RegGetValueW
EventUnregister
EventWriteTransfer
SHGetFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHAppBarMessage
ShellExecuteExW
Shell_NotifyIconW
SHBrowseForFolderW
SysAllocString
SysStringLen
SysAllocStringLen
LoadTypeLi
VarUI4FromStr
SysFreeString
VariantInit
OleCreateFontIndirect
LoadRegTypeLi
VariantClear
OleLoadPicturePath
GetMenuPosFromID
PathFindFileNameW
ord17
ImageList_Create
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_GetImageCount
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_GetIcon
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
GdipDeleteGraphics
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDrawImageI
GdipImageRotateFlip
GdipCreateHICONFromBitmap
GdipGetImageHeight
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipCloneBrush
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteBrush
GdipAlloc
GdipDrawImageRectI
GdipDeletePath
GdipSetSmoothingMode
GdipCreatePath
GdipSetInterpolationMode
GdipCreateSolidFill
GdipFillPath
GdipAddPathStringI
GdipFree
GdipDrawPath
GdipDeleteStringFormat
GdipDeletePen
GdipCreatePen1
GdipSetPenLineJoin
GdipCreateStringFormat
GdipCreateFromHDC
CreateEnvironmentBlock
DestroyEnvironmentBlock
GetProfileType
GetUserProfileDirectoryW
LoadUserProfileW
UnloadUserProfile
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ