C:\Users\1\Downloads\notepad-plus-plus-master\PowerEditor\bin\npp.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-08-29_c65dacc300cf5acaeb501e1e9933e2cc_avoslocker.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
2024-08-29_c65dacc300cf5acaeb501e1e9933e2cc_avoslocker.exe
Resource
win10v2004-20240802-en
General
Target: 2024-08-29_c65dacc300cf5acaeb501e1e9933e2cc_avoslocker
Size: 2.8MB
MD5: c65dacc300cf5acaeb501e1e9933e2cc
SHA1: f4ee990f533af247e61a6e53336a1681c0caf0f9
SHA256: 0b42bf15b77cfe9f9e693f2776691647e78a91be27f5bdb8d1a366be510a773f
SHA512: f2789ad89f69be9b959c8d1479aa4c82fb63aeaf77bc253fb1bb0fea3df9e79ea003ea7d63805e159b357f5f18907527e3f02bea6c518caded444d268400608e
SSDEEP: 49152:jswYRwPbcU7h09IWHrGFOT0p3Sq0CiO3SM52d+TQ0Kx8mIYIqRGVBu471HOOEv:oaPbcU7cCOT0piq0CipM52d+TQ0Kx8m1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-08-29_c65dacc300cf5acaeb501e1e9933e2cc_avoslocker
Files
2024-08-29_c65dacc300cf5acaeb501e1e9933e2cc_avoslocker.exe windows:6 windows x86 arch:x86
b1293f5905a2f24853cef866928f2f37
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_BeginDrag
ImageList_SetIconSize
ord17
ImageList_AddMasked
ImageList_GetImageCount
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_DragMove
ImageList_Draw
shlwapi
PathAppendW
PathAddExtensionW
PathIsDirectoryW
PathRemoveExtensionW
PathStripPathW
PathMatchSpecW
PathIsRelativeW
PathGetDriveNumberW
PathCompactPathExW
AssocQueryStringW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
shell32
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
DragQueryPoint
DragFinish
ShellExecuteW
ord165
SHGetFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
SHFileOperationW
dbghelp
ImageNtHeader
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
crypt32
CryptQueryObject
CertGetNameStringW
CertNameToStrW
CertGetCertificateContextProperty
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose
wintrust
WinVerifyTrust
sensapi
IsDestinationReachableW
IsNetworkAlive
winmm
PlaySoundW
kernel32
FindFirstFileW
FindNextFileW
GetFileAttributesW
lstrcmpW
lstrlenW
CompareFileTime
CreateDirectoryW
DeleteFileW
GetFileAttributesExW
GetFullPathNameW
GetLongPathNameW
SetFileAttributesW
lstrcpyW
MoveFileExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GlobalUnlock
GlobalLock
GetCurrentDirectoryW
GlobalAlloc
FormatMessageW
LCMapStringW
FreeLibrary
LoadLibraryExW
LoadResource
LockResource
SizeofResource
FindResourceW
lstrcmpiW
GetCurrentThreadId
SetCurrentDirectoryW
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
CreateThread
CopyFileW
CreateFileW
GetCurrentProcess
GetCurrentProcessId
LoadLibraryW
WideCharToMultiByte
CreateMutexW
Sleep
GlobalSize
lstrcpynW
ExpandEnvironmentStringsW
WaitForMultipleObjects
GetSystemInfo
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetLocalTime
GetTempPathW
SetLastError
CancelIo
SleepEx
WaitForSingleObjectEx
QueueUserAPC
ReadDirectoryChangesW
ReleaseSemaphore
DuplicateHandle
VirtualFree
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
GetCurrentThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoW
CompareStringW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
InitializeCriticalSectionAndSpinCount
DecodePointer
EncodePointer
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
MultiByteToWideChar
GetACP
GlobalFree
GetProcAddress
GetModuleFileNameW
GetVersion
MulDiv
GetModuleHandleW
LocalFree
LocalAlloc
VirtualProtect
VirtualAlloc
ExitProcess
GetLastError
CloseHandle
OutputDebugStringW
ReadFile
GetFileSize
DeleteFileA
FindClose
CreateFileA
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
RaiseException
RtlUnwind
GetModuleHandleExW
ExitThread
GetStdHandle
WriteFile
HeapAlloc
HeapFree
GetFileType
GetConsoleMode
ReadConsoleW
SetFilePointerEx
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleOutputCP
GetFileSizeEx
IsValidCodePage
GetOEMCP
HeapReAlloc
FindFirstFileExW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
HeapSize
SetEndOfFile
WriteConsoleW
ReleaseMutex
user32
LoadMenuW
GetClassNameW
GetDlgItemTextA
DrawIcon
CharUpperW
CharLowerW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
GetClassNameA
CreateAcceleratorTableW
FindWindowW
CreateDialogIndirectParamW
SystemParametersInfoW
MonitorFromRect
TrackMouseEvent
GetCapture
SetRectEmpty
AppendMenuW
RegisterWindowMessageW
ShowCursor
CreateCursor
DestroyCursor
ScrollWindow
SetPropW
GetPropW
RemovePropW
SetScrollInfo
LoadStringW
InsertMenuItemW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetMonitorInfoW
AdjustWindowRectEx
GetWindowTextLengthW
TrackPopupMenu
FlashWindowEx
RegisterClassExW
UnregisterClassW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
GetWindowTextW
MapWindowPoints
BringWindowToTop
ReleaseCapture
SetCapture
GetActiveWindow
GetDlgCtrlID
IsChild
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetCursorPos
RedrawWindow
InsertMenuW
EnableMenuItem
CheckMenuItem
DestroyMenu
CreatePopupMenu
CreateMenu
GetMenuState
ScreenToClient
EmptyClipboard
SetClipboardData
IsWindow
GetDlgItemInt
FrameRect
FillRect
MonitorFromWindow
CreateDialogParamW
InflateRect
GetSysColor
SetMenu
GetWindowRect
IsWindowVisible
ShowWindow
IsClipboardFormatAvailable
RegisterClipboardFormatW
GetClipboardData
ChangeClipboardChain
SetClipboardViewer
CloseClipboard
OpenClipboard
LoadCursorW
GetParent
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
SetCursor
MessageBeep
GetClientRect
ShowScrollBar
GetScrollRange
CheckMenuRadioItem
SetForegroundWindow
SetMenuItemInfoW
SetScrollRange
GetScrollPos
SetScrollPos
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow
DrawTextExW
DrawTextW
GetMenu
GetSystemMetrics
ToAscii
GetKeyboardState
GetFocus
SetWindowPlacement
GetWindowPlacement
DestroyWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
PostMessageW
DrawFrameControl
DrawEdge
SetWindowPos
SetFocus
MoveWindow
DrawIconEx
LoadImageW
EnableWindow
GetKeyState
SendDlgItemMessageW
EndDialog
DialogBoxIndirectParamW
DialogBoxParamW
SetWindowLongW
GetWindowLongW
SetWindowTextW
GetDlgItemTextW
SetDlgItemTextW
SetDlgItemTextA
GetDlgItem
CallWindowProcW
SendMessageW
MessageBoxW
wsprintfW
GetMenuItemInfoW
DeleteMenu
GetMenuItemCount
IsDialogMessageW
ClientToScreen
RealChildWindowFromPoint
DrawMenuBar
GetMenuStringW
TranslateAcceleratorW
DestroyAcceleratorTable
IsZoomed
IsIconic
ModifyMenuW
GetMenuItemID
GetSubMenu
RemoveMenu
DestroyIcon
LoadIconW
GetDesktopWindow
PtInRect
WindowFromPoint
LockWindowUpdate
GetDCEx
mouse_event
SetDlgItemInt
LoadBitmapW
GetSysColorBrush
DrawFocusRect
MessageBoxA
SetParent
gdi32
CreateBitmap
CreatePatternBrush
PatBlt
SetBrushOrgEx
EnumFontFamiliesExW
SetTextAlign
GetTextMetricsW
GetDeviceCaps
CreateFontIndirectW
GetObjectW
SaveDC
RestoreDC
BitBlt
GetPixel
DeleteDC
OffsetWindowOrgEx
StartDocW
EndDoc
StartPage
EndPage
ExtTextOutW
DPtoLP
GetTextExtentPointW
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap
MoveToEx
LineTo
CreateHatchBrush
SetTextColor
SetROP2
SetBkMode
SelectObject
Rectangle
GetTextExtentPoint32W
GetStockObject
GetROP2
DeleteObject
CreateSolidBrush
CreatePen
CreateFontW
SetBkColor
SetWindowOrgEx
CreateFontA
comdlg32
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
IsTextUnicode
ole32
CoUninitialize
CoInitialize
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 457KB - Virtual size: 457KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 685KB - Virtual size: 685KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ