2024-09-04_29f1032b17157ed6c32afe5941c03ddf_avoslocker_poet-rat_rhadamanthys

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-04_29f1032b17157ed6c32afe5941c03ddf_avoslocker_poet-rat_rhadamanthys
Size

9.9MB
MD5

29f1032b17157ed6c32afe5941c03ddf
SHA1

5c041e94c20cce7d987b1ba523c4a53b718a75e4
SHA256

a5a68d1970badfb04025a60c445bc1cdfd8bae3ba5e9d582f9fee45634bf7419
SHA512

e19fd153ae2fbf4b0cdc823696502fd49527ca454ab1e6cdc2189464ca0843bcd9d3e2e4770099c7e2e92473dfafaaf8e70fadfb6dcc081fa5b772d75ac3761d
SSDEEP

196608:aZpzYZVdl3/sGFKIWN3O8VuYJ/VFWPeEGM:aePRFKIW5NMa/VAjr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-04_29f1032b17157ed6c32afe5941c03ddf_avoslocker_poet-rat_rhadamanthys

Files

2024-09-04_29f1032b17157ed6c32afe5941c03ddf_avoslocker_poet-rat_rhadamanthys
.exe windows:6 windows x86 arch:x86

6c53a00044134ac38e7fb1816311c0cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\_My\_Work\Clipdiary\Clipdiary\Release\Clipdiary.pdb

Imports

kernel32

SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
GetSystemInfo
HeapReAlloc
DeleteFileW
DeleteFileA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapSize
HeapValidate
UnmapViewOfFile
GetSystemTimeAsFileTime
CreateFileW
WaitForSingleObject
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
GetEnvironmentVariableA
FindClose
FindFirstFileW
SetFileTime
InitializeCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
GetModuleHandleW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
SetErrorMode
ExitProcess
SetThreadPriority
TerminateThread
GetExitCodeThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetCurrentDirectoryW
GetFileType
CopyFileW
GetFileTime
GetLongPathNameW
GetTempFileNameW
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
ReadDirectoryChangesW
FindNextFileW
SetHandleInformation
CreatePipe
SetNamedPipeHandleState
PeekNamedPipe
WaitForMultipleObjects
GetExitCodeProcess
CreateThread
CreateProcessW
GetEnvironmentVariableW
GetVersionExW
GetNativeSystemInfo
GetModuleFileNameW
LoadResource
LockResource
SizeofResource
FindResourceW
GetComputerNameW
IsValidCodePage
GetCommandLineW
GetACP
IsValidLocale
GetThreadLocale
SetThreadLocale
GetUserDefaultLCID
ExpandEnvironmentStringsW
GetCurrentThread
RaiseException
IsBadReadPtr
IsBadStringPtrA
MulDiv
GlobalFree
GlobalHandle
GetStdHandle
FreeConsole
AttachConsole
WriteConsoleA
WriteConsoleW
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
ReadConsoleOutputCharacterA
RtlUnwind
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
FindFirstFileExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDriveTypeW
GetFileInformationByHandle
GetTimeZoneInformation
CreateDirectoryW
RemoveDirectoryW
MoveFileExW
SetStdHandle
SetFileAttributesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
EnumSystemLocalesW
GetOEMCP
GetFileSizeEx
GetCurrentDirectoryW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetSystemTime
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
FlushFileBuffers
LocalFree
LCMapStringEx
GetCPInfo
CompareStringEx
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
GetLogicalDriveStringsW
EnterCriticalSection
DecodePointer
EncodePointer
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
FormatMessageA
FreeLibrary
QueryPerformanceFrequency
GetLocaleInfoW
Process32NextW
Process32FirstW
lstrcpyW
SetLastError
K32GetProcessImageFileNameW
Module32FirstW
CreateToolhelp32Snapshot
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
OpenProcess
GetLastError
CloseHandle
GetTickCount
GetFileAttributesW
Sleep

user32

GetSysColor
FillRect
InflateRect
PtInRect
SetParent
GetWindow
IsDialogMessageW
SetScrollInfo
GetScrollInfo
SystemParametersInfoW
LoadBitmapW
LoadIconW
LoadImageW
GetIconInfo
CreateDialogParamW
GetDlgItem
SetWindowRgn
GetWindowPlacement
SetLayeredWindowAttributes
FlashWindowEx
IsIconic
IsZoomed
CreateDialogIndirectParamW
GetDialogBaseUnits
DrawMenuBar
GetSystemMenu
EnableMenuItem
DrawTextW
DrawFocusRect
CreateIconIndirect
DrawStateW
CopyRect
OffsetRect
DrawEdge
DrawFrameControl
GetMenuState
CheckMenuItem
GetSubMenu
GetMenuItemID
SetMenuItemInfoW
GetSysColorBrush
SetRect
CheckMenuRadioItem
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
SetMenuInfo
InsertMenuItemW
GetComboBoxInfo
IsMenu
keybd_event
GetWindowTextLengthW
HideCaret
ValidateRgn
IsRectEmpty
ChildWindowFromPoint
FindWindowExW
DrawIconEx
RegisterWindowMessageW
SetMenu
DestroyCursor
MessageBeep
GetClassNameW
WindowFromPoint
GetDoubleClickTime
GetCaretBlinkTime
GetClassInfoW
GetProcessDefaultLayout
SetCursorPos
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
GetMessageW
ValidateRect
GetWindowDC
BeginPaint
EndPaint
GetDesktopWindow
AdjustWindowRectEx
ShowCursor
ChangeDisplaySettingsExW
EnumDisplaySettingsW
MonitorFromWindow
EnumDisplayMonitors
wsprintfW
MoveWindow
AnimateWindow
ShowWindow
CallWindowProcW
PostQuitMessage
GetMessageTime
GetMessagePos
UnregisterHotKey
RegisterHotKey
TranslateMessage
KillTimer
SetTimer
MsgWaitForMultipleObjects
DispatchMessageW
LoadCursorW
SetCursor
DdeFreeStringHandle
DdeQueryStringW
DdeCreateStringHandleW
DdeGetLastError
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeClientTransaction
DdeNameService
DdePostAdvise
DdeDisconnect
DdeUninitialize
DdeInitializeW
BringWindowToTop
RegisterClassW
DestroyWindow
UnregisterClassW
DefWindowProcW
WaitForInputIdle
PeekMessageW
PostThreadMessageW
MessageBoxW
GetClientRect
SetWindowTextW
EnableScrollBar
ScrollWindow
RedrawWindow
InvalidateRect
GetUpdateRgn
ChildWindowFromPointEx
MapWindowPoints
ScreenToClient
UnionRect
ReleaseDC
UpdateWindow
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
IsWindowEnabled
EnableWindow
ReleaseCapture
SetCapture
GetCapture
VkKeyScanW
GetAsyncKeyState
GetKeyState
GetFocus
GetActiveWindow
SetFocus
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SendMessageW
IsWindowVisible
GetForegroundWindow
SetForegroundWindow
GetWindowLongW
SetWindowLongW
SendInput
MapVirtualKeyW
GetDC
BlockInput
IsWindow
OpenClipboard
CloseClipboard
GetClipboardOwner
SetClipboardData
GetClipboardData
RegisterClipboardFormatW
GetCursorPos
GetPropW
SetWindowPos
EnumClipboardFormats
GetKeyNameTextW
CharLowerW
GetKeyboardLayoutList
DestroyIcon
SetRectEmpty
GetGUIThreadInfo
GetMonitorInfoW
MonitorFromPoint
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
FindWindowW
ClientToScreen
GetWindowRect
GetSystemMetrics
AddClipboardFormatListener
CreateWindowExW
PostMessageW
GetClipboardFormatNameW
EmptyClipboard
IsClipboardFormatAvailable
GetWindowTextW
GetWindowThreadProcessId
GetParent
DdeConnect

gdi32

PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
GetSystemPaletteEntries
CreateDCW
SetAbortProc
SetDIBColorTable
GetDIBColorTable
CreateDIBitmap
SetTextColor
CreateDIBSection
GetDIBits
ExtCreatePen
CreatePen
GetTextExtentExPointW
GetCharABCWidthsW
StartDocW
GetNearestPaletteIndex
CreatePalette
PtInRegion
GetRgnBox
EqualRgn
CreateICW
RectInRegion
CreateRectRgnIndirect
CombineRgn
MoveToEx
LineTo
GetBkColor
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolyBezier
Polyline
Polygon
LPtoDP
DPtoLP
ExtTextOutW
ModifyWorldTransform
SetWorldTransform
GetWorldTransform
SetStretchBltMode
SetROP2
EndDoc
StartPage
EndPage
GetPaletteEntries
SetBkMode
SetBkColor
OffsetRgn
GetRegionData
ExtCreateRegion
GetOutlineTextMetricsW
CreateFontIndirectW
GetObjectW
DeleteObject
GdiFlush
SetBrushOrgEx
GetTextMetricsW
SelectPalette
SelectObject
RealizePalette
GetDeviceCaps
EnumFontFamiliesExW
CreateRectRgn
StretchDIBits
StretchBlt
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
ExtSelectClipRgn
RoundRect
Rectangle
PolyPolygon
Pie
MaskBlt
GetObjectType
GetClipBox
ExtFloodFill
BitBlt
CreateBitmap
CreateBitmapIndirect
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreateSolidBrush
GetGraphicsMode
GetViewportExtEx
GetWindowExtEx
GetTextExtentPoint32W
GetPixel
SelectClipRgn
SetPixel
SetWindowOrgEx
CreateHatchBrush
CreatePatternBrush
GetStockObject
Arc
Ellipse
ExcludeClipRect

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ExtractIconExW
ShellExecuteExW
ExtractIconW
DragAcceptFiles
DragFinish
SHGetMalloc
ord6
DragQueryPoint
SHGetFolderPathW
CommandLineToArgvW
Shell_NotifyIconW
DragQueryFileW
SHGetFileInfoW

wsock32

WSACleanup
__WSAFDIsSet
WSAStartup
inet_ntoa
WSAGetLastError
accept
getservbyname
bind
closesocket
connect
getsockname
getsockopt
listen
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket
gethostbyname
gethostbyaddr
ntohs
ntohl
ioctlsocket
htons
htonl

winmm

PlaySoundW

comctl32

ImageList_Replace
ImageList_SetBkColor
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_Remove
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_Copy
ord16
ord17
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create

rpcrt4

UuidToStringW
RpcStringFreeW

shlwapi

AssocQueryStringW
SHAutoComplete

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

msimg32

AlphaBlend
GradientFill

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PageSetupDlgW
PrintDlgW
ChooseFontW
ChooseColorW
CommDlgExtendedError

advapi32

RegSetValueExW
GetUserNameW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
SystemFunction036

ole32

OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
RegisterDragDrop
CoLockObjectExternal
OleInitialize
DoDragDrop
RevokeDragDrop
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
CoCreateInstance
ReleaseStgMedium

oleacc

LresultFromObject

uxtheme

DrawThemeBackground
CloseThemeData
OpenThemeData
GetThemeBackgroundContentRect
IsThemeBackgroundPartiallyTransparent
IsThemePartDefined
IsAppThemed
IsThemeActive
GetCurrentThemeName
GetThemeBackgroundExtent
GetThemeFont
SetWindowTheme
GetThemeSysFont
GetThemeSysColor
GetThemeInt
GetThemePartSize
GetThemeMargins
DrawThemeParentBackground
GetThemeColor

Exports

Exports

sqlite3_carray_bind
sqlite3_carray_init
sqlite3_csv_init
sqlite3_fileio_init
sqlite3_regexp_init
sqlite3_series_init
sqlite3_shathree_init
sqlite3_uuid_init
sqlite3_vsv_init

Sections

.text
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 205KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 499KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c53a00044134ac38e7fb1816311c0cf

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

wsock32

winmm

comctl32

rpcrt4

shlwapi

version

msimg32

winspool.drv

comdlg32

advapi32

ole32

oleacc

uxtheme

Exports

Exports

Sections

.text Size: 6.7MB - Virtual size: 6.7MB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 205KB - Virtual size: 435KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 499KB - Virtual size: 498KB

.text
Size: 6.7MB - Virtual size: 6.7MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 205KB - Virtual size: 435KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 499KB - Virtual size: 498KB