Static task: static1
Behavioral task: behavioral1
Sample: 2024-08-25_1d2a473130a80e6a572a005cf03eee84_avoslocker_gh0st_silence.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2024-08-25_1d2a473130a80e6a572a005cf03eee84_avoslocker_gh0st_silence.exe
Resource: win10v2004-20240802-en
General
Target: 2024-08-25_1d2a473130a80e6a572a005cf03eee84_avoslocker_gh0st_silence
Size: 13.5MB
MD5: 1d2a473130a80e6a572a005cf03eee84
SHA1: 3a9b6ab8e19f4af565f3cfa2d8eb1545fe2d9fae
SHA256: c5e6e95411e7e5a1a96e701799081e73b492d7718d6143f92c0e2029ec3a5cf5
SHA512: c9ed9997ef7f4b3b3374096f452be6c9bb200f17db8881c051921e4d35237e62950193162a245e9eb56aa0b844b93ad9a4ecce7bcd9f8982c6057b81b441909d
SSDEEP: 393216:BpeCrSC8Calh9HxNTKwPF8VvZSYydY4B5vCBf47:3ngJO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-08-25_1d2a473130a80e6a572a005cf03eee84_avoslocker_gh0st_silence
Files
2024-08-25_1d2a473130a80e6a572a005cf03eee84_avoslocker_gh0st_silence.exe windows:6 windows x86 arch:x86
5b41abfde464759936858800416e7d5e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
avifil32
AVIFileInit
AVIFileCreateStreamA
AVIFileExit
AVIStreamRelease
AVIStreamSetFormat
AVIStreamWrite
AVIFileRelease
AVIFileOpenA
msvfw32
DrawDibDraw
ICDecompress
ICSeqCompressFrameStart
ICSeqCompressFrameEnd
ICOpen
ICClose
ICSendMessage
DrawDibClose
DrawDibOpen
ICCompressorFree
winmm
waveInReset
waveInStop
waveInStart
waveInAddBuffer
waveInUnprepareHeader
waveInPrepareHeader
waveInClose
waveInOpen
waveInGetNumDevs
waveOutReset
PlaySoundA
waveOutGetNumDevs
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
kernel32
GetTempPathA
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
GetUserDefaultUILanguage
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
EncodePointer
DecodePointer
HeapReAlloc
ExitThread
RaiseException
GetCommandLineA
GetModuleHandleExW
AreFileApisANSI
SetThreadStackGuarantee
VirtualQuery
HeapSize
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
UnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
TerminateProcess
GetStartupInfoW
IsValidCodePage
GetTimeZoneInformation
GetStringTypeW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
VerifyVersionInfoA
QueryPerformanceCounter
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
OutputDebugStringW
GetTimeFormatEx
GetDateFormatEx
CompareStringEx
LCMapStringEx
CreateFileW
WriteConsoleW
SetEnvironmentVariableA
GetPrivateProfileSectionNamesA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
GetExitCodeThread
ResetEvent
InitializeCriticalSectionEx
VerSetConditionMask
GetWindowsDirectoryA
InitOnceExecuteOnce
CloseHandle
SetEvent
WaitForSingleObject
CreateEventA
CreateThread
TerminateThread
ResumeThread
Sleep
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
CreateFileA
DeleteFileA
GetFileAttributesA
GetFileSize
ReadFile
SetFilePointer
OutputDebugStringA
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
GetTickCount
GetModuleFileNameA
lstrcmpA
lstrcatA
WriteFile
GetLocalTime
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
lstrcpyA
LocalAlloc
LocalFree
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
lstrlenA
CreateDirectoryA
FileTimeToLocalFileTime
FindClose
FindFirstFileA
lstrcpynA
MoveFileA
FileTimeToSystemTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
CopyFileA
VirtualAlloc
VirtualFree
GetPrivateProfileIntA
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CancelIo
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
GetSystemInfo
GlobalAlloc
GlobalLock
GlobalUnlock
FreeLibrary
ExitProcess
FreeResource
FindResourceA
GlobalFree
GlobalSize
SetLastError
MulDiv
FormatMessageA
GetFileAttributesW
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
GetVersion
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GetVersionExA
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetCurrentProcess
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
GetVolumeInformationA
GetThreadLocale
GetStringTypeExA
GetCurrentProcessId
SetThreadPriority
GetCurrentThread
RegisterApplicationRecoveryCallback
RegisterApplicationRestart
ApplicationRecoveryInProgress
ApplicationRecoveryFinished
GetThreadPreferredUILanguages
GetLocaleInfoEx
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
ReplaceFileA
SystemTimeToFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GetACP
GetOEMCP
GetCPInfo
GetFileAttributesExA
GetFileSizeEx
LocalFileTimeToFileTime
SetFileAttributesA
SetErrorMode
GetCurrentDirectoryA
user32
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
SetScrollRange
ScrollWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
SetFocus
UnhookWindowsHookEx
RemoveMenu
InsertMenuA
GetMenuItemID
GetMenuStringA
GetScrollBarInfo
SystemParametersInfoA
SetWindowLongA
GetWindowLongA
ClipCursor
GetKeyState
GetIconInfo
SetDlgItemTextA
DestroyCursor
CheckMenuRadioItem
SetClassLongA
IntersectRect
GetMenuState
GetClipboardData
AppendMenuA
CreatePopupMenu
SetWindowTextW
LockWindowUpdate
GetDesktopWindow
GetFocus
SetMenuDefaultItem
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetSystemMenu
FillRect
OffsetRect
InflateRect
MessageBeep
GetSystemMetrics
SetRect
LoadCursorW
LoadCursorA
GetWindow
GetParent
WindowFromPoint
ScreenToClient
ClientToScreen
SetCursor
DeleteMenu
GetMenuItemCount
EnableMenuItem
CheckMenuItem
ReleaseCapture
SetCapture
CharNextA
GetDlgCtrlID
SetWindowPos
SendMessageTimeoutA
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
LoadIconW
GetScrollRange
GetScrollPos
SetScrollPos
UpdateWindow
LoadImageA
LoadBitmapW
SetParent
GetSysColor
GetClientRect
CopyIcon
GetDoubleClickTime
ChangeWindowMessageFilter
ReleaseDC
PtInRect
SetTimer
KillTimer
GetDC
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
IsWindowEnabled
GetDlgItemTextA
DrawIconEx
CheckDlgButton
GetKeyboardState
GetCursorPos
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetComboBoxInfo
TrackMouseEvent
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetActiveWindow
CharUpperA
GetWindowDC
BeginPaint
EndPaint
GetWindowThreadProcessId
GetWindowRgn
CreateMenu
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SubtractRect
GetUpdateRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
EnumChildWindows
FrameRect
CharUpperBuffA
ShowScrollBar
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EnumDisplayMonitors
SetLayeredWindowAttributes
GetDCEx
RegisterClipboardFormatA
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
DrawFocusRect
GetTabbedTextExtentA
IsClipboardFormatAvailable
UnionRect
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
LoadAcceleratorsW
GetDialogBaseUnits
CopyImage
RealChildWindowFromPoint
UnregisterClassA
GetSysColorBrush
IsRectEmpty
SetWindowRgn
DrawIcon
IsZoomed
GetMenuItemInfoA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
DestroyMenu
LoadMenuA
TranslateAcceleratorA
ModifyMenuA
LoadAcceleratorsA
BringWindowToTop
IsIconic
SetRectEmpty
MapVirtualKeyA
GetKeyNameTextA
MapDialogRect
GetClipboardFormatNameA
SetWindowLongW
GetWindowLongW
IsWindowUnicode
LookupIconIdFromDirectoryEx
LoadBitmapA
GetMenuStringW
GetCursor
GetKeyboardLayoutList
FindWindowA
DrawAnimatedRects
ShowCaret
CreateIconIndirect
CreateIconFromResourceEx
GetUserObjectInformationA
CloseDesktop
OpenInputDesktop
GetMessageA
TranslateMessage
DispatchMessageA
RegisterWindowMessageA
SendMessageA
EnableWindow
InvalidateRect
LoadIconA
wsprintfA
MessageBoxA
IsWindowVisible
RedrawWindow
PostMessageA
LoadMenuW
GetSubMenu
GetWindowRect
SetWindowContextHelpId
ShowOwnedPopups
DestroyIcon
PostQuitMessage
gdi32
GetBitmapBits
CloseFigure
FillPath
StrokePath
ExtTextOutW
SetBrushOrgEx
ExtCreateRegion
GetTextFaceA
GetTextExtentPoint32W
GetTextAlign
GetViewportOrgEx
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
PtInRegion
FrameRgn
RoundRect
GetCurrentObject
CreateRoundRectRgn
OffsetRgn
EnumFontFamiliesExA
Rectangle
Polyline
Polygon
CreatePolygonRgn
SetDIBColorTable
StretchBlt
SetPixel
GetDIBits
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetRgnBox
GetTextColor
Ellipse
CreateEllipticRgn
GetTextMetricsA
GetCharWidthA
SetRectRgn
CombineRgn
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolyBezierTo
MoveToEx
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
SetBkMode
GetObjectA
DeleteDC
CreateDIBSection
SetTextColor
StretchDIBits
SetBkColor
SelectObject
DeleteObject
CreatePen
LPtoDP
DPtoLP
ExtTextOutA
TextOutA
StrokeAndFillPath
EndPath
BeginPath
RectVisible
PtVisible
GetMapMode
GetBkColor
Escape
SetPixelV
GetTextExtentPoint32A
GetPixel
CreateFontA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetOpenFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegSetValueA
RegCreateKeyExA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA
ExtractIconA
SHAppBarMessage
ShellExecuteA
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetKnownFolderPath
SHAddToRecentDocs
SHCreateItemFromParsingName
Shell_NotifyIconA
comctl32
ImageList_GetIcon
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_Draw
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
_TrackMouseEvent
ImageList_Create
shlwapi
SHAutoComplete
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
UrlUnescapeA
StrFormatKBSizeA
PathRemoveFileSpecA
uxtheme
IsAppThemed
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
BeginBufferedPaint
EndBufferedPaint
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
OpenThemeData
dwmapi
DwmSetWindowAttribute
DwmIsCompositionEnabled
DwmDefWindowProc
ole32
CoCreateInstance
CoUninitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoInitialize
oleaut32
LoadTypeLi
VariantChangeType
OleLoadPicturePath
VariantChangeTypeEx
VarUdateFromDate
SysStringLen
VariantClear
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopy
VarDateFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantInit
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
oledlg
ord8
ord1
ws2_32
WSASocketA
WSASend
WSARecv
WSAIoctl
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSAGetLastError
setsockopt
shutdown
bind
accept
WSACleanup
WSAStartup
gethostbyname
socket
select
htons
ioctlsocket
connect
getpeername
closesocket
ntohs
getsockname
gethostname
listen
WSAWaitForMultipleEvents
inet_ntoa
skinh
SkinH_AttachEx
SkinH_Detach
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmAssociateContext
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
wininet
InternetSetStatusCallback
InternetQueryOptionA
InternetQueryDataAvailable
InternetWriteFile
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetReadFile
InternetOpenUrlA
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
Sections
.text Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rotext Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5.9MB - Virtual size: 5.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 597KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 355KB - Virtual size: 355KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ