2024-08-17_4cd09ce451422161324b2b70bdb50725_avoslocker

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-17_4cd09ce451422161324b2b70bdb50725_avoslocker
Size

3.7MB
MD5

4cd09ce451422161324b2b70bdb50725
SHA1

88b4fd0c689784bdc5ed2100e5ce68ec4da20037
SHA256

0cc4159e49461e7730fb63f635f82d87f342c75167feef4c8cffbe6c37dfc814
SHA512

7903c11ffc08c49540e51176a2f6885b7f09f5140a7fd485bb86da222ca3bfa1ea3e0cf8bb23c7f5bb038243acb4aaa8fca4bdb345ce5e2bb0cfe12b44c1138f
SSDEEP

98304:wAN7e5hvUhMqa/9aMjHB9kPPq2l2TjG8aQjoFLOAkGkzdnEVomFHKnPy:RN7+tn2l2Tj2QUFLOyomFHKnPy

Score

1^/10

Malware Config

Signatures

Files

2024-08-17_4cd09ce451422161324b2b70bdb50725_avoslocker
.exe windows:6 windows x86 arch:x86

d6f87f70222aaae653b425e0056bcf9e

Code Sign

74:47:34:5d:a8:c9:29:9a:49:c8:8c:38:1c:e3:58:c8
Certificate

Issuer

CN=Accurate Reappearance,1.2.840.113549.1.9.1=#0c1c4170704041636375726174655265617070656172616e63652e636f6d

Not Before

01/02/2021, 21:00

Not After

01/02/2022, 21:00

Subject

CN=Accurate Reappearance,1.2.840.113549.1.9.1=#0c1c4170704041636375726174655265617070656172616e63652e636f6d

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GetConsoleMode
GlobalUnlock
SetThreadPriority
GlobalHandle
IsProcessorFeaturePresent
HeapSize
SetFilePointer
GetProcessHeap
VerSetConditionMask
InitializeCriticalSectionEx
GetLocaleInfoW
HeapFree
VirtualAlloc
LoadLibraryW
TlsGetValue
GetFileType
GetWindowsDirectoryW
InitializeCriticalSectionAndSpinCount
GetStdHandle
GetFileTime
FindNextFileW
GetProcAddress
GetCurrentDirectoryW
GetCurrentThreadId
GetOEMCP
DeleteFileW
GetSystemTimeAsFileTime
LocalReAlloc
QueryPerformanceFrequency
GetSystemInfo
ReadFile
CreateThread
GetSystemDefaultUILanguage
MultiByteToWideChar
SetEndOfFile
GetVolumeInformationW
WaitForSingleObject
GetFileAttributesExW
LockFile
LoadLibraryA
GetStartupInfoW
VirtualProtect
SetLastError
FileTimeToSystemTime
FindFirstFileExW
FindFirstFileW
VerifyVersionInfoW
LeaveCriticalSection
GetModuleFileNameW
LockResource
FindResourceExW
GetModuleHandleA
FindResourceW
GlobalReAlloc
GetFileSizeEx
InitializeSListHead
EnterCriticalSection
OutputDebugStringW
FreeLibrary
GlobalAddAtomW
InitializeCriticalSection
GlobalFlags
FileTimeToLocalFileTime
SetEnvironmentVariableW
GetFullPathNameW
GlobalGetAtomNameW
GlobalFindAtomW
GetModuleHandleW
GetCurrentThread
DuplicateHandle
SystemTimeToTzSpecificLocalTime
GetTempPathW
GlobalAlloc
GlobalLock
IsValidCodePage
WriteConsoleW
LoadResource
GetUserDefaultUILanguage
SizeofResource
ExitProcess
GetTempFileNameW
RtlUnwind
CopyFileW
LocalFree
TlsFree
GetProfileIntW
TerminateProcess
GetCommandLineW
ResumeThread
lstrcmpiW
GetVersionExW
CloseHandle
DeleteCriticalSection
GetCurrentProcessId
WriteFile
FreeLibraryAndExitThread
LoadLibraryExW
UnhandledExceptionFilter
GetTickCount
WritePrivateProfileStringW
RaiseException
UnlockFile
GetEnvironmentStringsW
CompareStringW
SetFilePointerEx
FlushFileBuffers
SetStdHandle
GetFileSize
GetCommandLineA
Sleep
GetPrivateProfileStringW
TlsAlloc
TlsSetValue
FreeEnvironmentStringsW
FindClose
GlobalSize
EncodePointer
VirtualQuery
WideCharToMultiByte
GetACP
lstrcmpA
ExitThread
LocalAlloc
HeapAlloc
GetSystemDirectoryW
WaitForSingleObjectEx
IsDebuggerPresent
GetLastError
lstrcmpW
GetModuleHandleExW
GetCurrentProcess
CreateEventW
SetUnhandledExceptionFilter
LCMapStringW
FormatMessageW
GetFileAttributesW
MulDiv
ResetEvent
DecodePointer
GlobalDeleteAtom
OutputDebugStringA
CompareStringA
GetCPInfo
GetConsoleOutputCP
GetTimeZoneInformation
lstrcpyW
GlobalFree
GetStringTypeW
QueryPerformanceCounter
HeapReAlloc
GetPrivateProfileIntW
HeapQueryInformation
SearchPathW
SetEvent
SetErrorMode

user32

GetMenuCheckMarkDimensions
EmptyClipboard
GetKeyboardLayout
CallNextHookEx
GetSystemMenu
GetWindowThreadProcessId
IsWindowEnabled
GetMessageW
CopyIcon
GetFocus
GetMenuItemID
GetMenuState
GetComboBoxInfo
SubtractRect
ModifyMenuW
EnumChildWindows
GetWindowPlacement
GetMenu
MapVirtualKeyW
GetCapture
DrawEdge
GetIconInfo
GetMessageTime
CharUpperBuffW
BeginPaint
CheckDlgButton
IsZoomed
ToUnicodeEx
SetTimer
UnpackDDElParam
SendDlgItemMessageA
GetClassNameW
GetKeyState
SetCursorPos
DrawTextW
ValidateRect
TranslateMDISysAccel
DrawMenuBar
IsWindowVisible
SystemParametersInfoW
LoadImageW
SetFocus
EnableMenuItem
CheckMenuItem
ScrollWindow
GetDesktopWindow
UpdateWindow
EndPaint
CopyImage
SetCursor
GetWindowLongW
SetWindowsHookExW
TranslateMessage
MessageBeep
EnableWindow
GetWindow
MonitorFromPoint
GetKeyNameTextW
DrawTextExW
SetActiveWindow
TrackPopupMenu
SetWindowPlacement
InflateRect
WinHelpW
GrayStringW
IsWindow
GetAsyncKeyState
CreateWindowExW
SetPropW
ScreenToClient
SetMenuDefaultItem
WaitMessage
FillRect
RemoveMenu
SetClipboardData
DestroyCursor
UnhookWindowsHookEx
LoadCursorW
GetWindowDC
GetTopWindow
GetDlgItem
LoadBitmapW
ReleaseCapture
CreateAcceleratorTableW
GetSysColorBrush
TrackMouseEvent
PtInRect
DefWindowProcW
MapVirtualKeyExW
GetMessagePos
GetWindowTextW
EndDialog
SetClassLongW
CopyRect
MapDialogRect
TabbedTextOutW
RedrawWindow
GetMenuItemInfoW
GetActiveWindow
LockWindowUpdate
GetClassInfoW
DeleteMenu
GetForegroundWindow
WindowFromPoint
IsRectEmpty
SetRect
AdjustWindowRectEx
SetLayeredWindowAttributes
FrameRect
InvertRect
SetScrollInfo
PostQuitMessage
DestroyAcceleratorTable
CloseClipboard
MapWindowPoints
SetMenu
GetSubMenu
EnumDisplayMonitors
MessageBoxW
AppendMenuW
DefFrameProcW
GetNextDlgTabItem
RegisterWindowMessageW
PeekMessageW
GetClassLongW
DrawIconEx
KillTimer
GetParent
GetClassInfoExW
IsMenu
GetWindowRgn
CreatePopupMenu
DestroyWindow
CopyAcceleratorTableW
SetWindowPos
RegisterClassW
SetWindowLongW
PostMessageW
GetMonitorInfoW
UnregisterClassW
UpdateLayeredWindow
IsCharLowerW
UnionRect
GetKeyboardState
CreateDialogIndirectParamW
SetWindowRgn
GetCursorPos
GetDlgCtrlID
LoadAcceleratorsW
MoveWindow
GetScrollPos
CallWindowProcW
DefMDIChildProcW
BeginDeferWindowPos
DeferWindowPos
InsertMenuW
CharUpperW
EndDeferWindowPos
ReuseDDElParam
GetDoubleClickTime
RegisterClipboardFormatW
IsDialogMessageW
SetMenuItemInfoW
InsertMenuItemW
GetNextDlgGroupItem
NotifyWinEvent
GetPropW
SetRectEmpty
GetScrollRange
ShowScrollBar
GetDC
SetMenuItemBitmaps
SetScrollRange
IntersectRect
ShowWindow
LoadIconW
EnableScrollBar
MonitorFromWindow
CreateMenu
GetScrollInfo
ReleaseDC
LoadMenuW
OffsetRect
SetParent
SetScrollPos
GetSystemMetrics
IsClipboardFormatAvailable
RemovePropW
IsChild
IsIconic
PostThreadMessageW
HideCaret
GetUpdateRect
ClientToScreen
GetMenuStringW
GetMenuDefaultItem
DrawIcon
SendMessageW
GetLastActivePopup
BringWindowToTop
SetForegroundWindow
DestroyMenu
DispatchMessageW
DrawStateW
GetWindowRect
GetMenuItemCount
DestroyIcon
InvalidateRect
GetSysColor
SetWindowTextW
ShowOwnedPopups
OpenClipboard
GetClientRect
TranslateAcceleratorW
DrawFrameControl
SetCapture
DrawFocusRect
EqualRect
GetWindowTextLengthW
RealChildWindowFromPoint

gdi32

ExtTextOutW
CreateCompatibleBitmap
RectVisible
RestoreDC
SelectClipRgn
CreateRoundRectRgn
ScaleWindowExtEx
SetDIBColorTable
EnumFontFamiliesExW
GetViewportOrgEx
GetTextFaceW
ExtFloodFill
GetTextMetricsW
SetPaletteEntries
Polygon
SetLayout
DeleteObject
DeleteDC
GetObjectW
CreateDIBitmap
ScaleViewportExtEx
SaveDC
OffsetViewportOrgEx
GetWindowExtEx
CreateEllipticRgn
GetPaletteEntries
CreateSolidBrush
LPtoDP
SelectPalette
PtInRegion
SetWindowExtEx
ExcludeClipRect
SetROP2
OffsetWindowOrgEx
GetBkColor
EnumFontFamiliesW
SelectObject
StretchBlt
CreateRectRgn
ExtSelectClipRgn
CreatePatternBrush
GetSystemPaletteEntries
SetBkMode
CreatePen
Ellipse
DPtoLP
CreateDCW
SetViewportExtEx
PatBlt
CreateDIBSection
SetPixelV
BitBlt
LineTo
MoveToEx
PtVisible
RoundRect
SetPixel
CopyMetaFileW
SetPolyFillMode
SetTextAlign
CreateFontIndirectW
SetWindowOrgEx
GetWindowOrgEx
GetTextColor
GetRgnBox
GetDIBits
CreateRectRgnIndirect
GetTextCharsetInfo
GetTextExtentPoint32W
FrameRgn
TextOutW
GetStockObject
Polyline
GetViewportExtEx
SetTextColor
GetNearestPaletteIndex
CreateBitmap
IntersectClipRect
CreatePolygonRgn
CreatePalette
SetBkColor
SetRectRgn
GetLayout
RealizePalette
CreateHatchBrush
CreateCompatibleDC
SetMapMode
GetClipBox
CombineRgn
OffsetRgn
SetViewportOrgEx
Rectangle
Escape
GetObjectType
GetPixel
FillRgn
GetBoundsRect
GetDeviceCaps

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegEnumValueW
RegEnumKeyW
RegCloseKey
RegEnumKeyExW

shell32

DragQueryFileW
SHAppBarMessage
DragFinish
SHGetMalloc
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
CommandLineToArgvW
ShellExecuteW
SHGetDesktopFolder

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

IsAppThemed
GetThemePartSize
GetThemeSysColor
OpenThemeData
GetCurrentThemeName
DrawThemeText
DrawThemeBackground
DrawThemeParentBackground
CloseThemeData
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemeColor

ole32

CoTaskMemAlloc
CoDisconnectObject
OleCreateMenuDescriptor
OleTranslateAccelerator
ReleaseStgMedium
OleLockRunning
OleDuplicateData
CoLockObjectExternal
RevokeDragDrop
IsAccelerator
CoTaskMemFree
RegisterDragDrop
CoCreateGuid
CoUninitialize
OleGetClipboard
OleDestroyMenuDescriptor
CoInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeEx
DoDragDrop

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
SysStringLen
SysAllocStringLen
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantChangeType
VariantClear
SysFreeString
SysAllocString

gdiplus

GdipGetImagePalette
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDeleteGraphics
GdiplusStartup
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipGetImageWidth
GdipGetImagePaletteSize
GdipCreateBitmapFromScan0
GdipFree
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageHeight
GdipCreateBitmapFromStream
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipBitmapLockBits
GdipGetImagePixelFormat

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 390KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6f87f70222aaae653b425e0056bcf9e

Code Sign

74:47:34:5d:a8:c9:29:9a:49:c8:8c:38:1c:e3:58:c8Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 390KB - Virtual size: 389KB

.data Size: 21KB - Virtual size: 39KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 140KB - Virtual size: 139KB

74:47:34:5d:a8:c9:29:9a:49:c8:8c:38:1c:e3:58:c8
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 390KB - Virtual size: 389KB

.data
Size: 21KB - Virtual size: 39KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 140KB - Virtual size: 139KB