D:\Bit-Bucket\BTS-Retail\SP24PLUS_REQ\frontend\odin-group\FTUpdateService\Release\FTUpdateService.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-09-05_0586f91cb0eaf39a9118a62738cc9681_avoslocker_floxif.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 2024-09-05_0586f91cb0eaf39a9118a62738cc9681_avoslocker_floxif.exe
  Resource: win10v2004-20240802-en
General
Target: 2024-09-05_0586f91cb0eaf39a9118a62738cc9681_avoslocker_floxif
Size: 4.9MB
MD5: 0586f91cb0eaf39a9118a62738cc9681
SHA1: c7e7a87287b09a0b6e7c4919ed53920cc813b2c8
SHA256: 75467ce98b1ca01af1269a0a3c04b72b2ba0ac6e7d0694b9b816ad6707cce7a4
SHA512: 8ffc76408007ce408addef5345e68549ee1e2857199c61676e3d25821a2828eccbeaea18519c34802e9b7845b67108c169016de220b7e97f42bb63d29ccf09b9
SSDEEP: 98304:bX4FtrkFYqOL1rsdSAtA+zX2eROJMB5LV2UluNJJtxTZeSZZYydI2Eg:zWrkCqOL1r0Up08TZeSZ2ydI6
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2024-09-05_0586f91cb0eaf39a9118a62738cc9681_avoslocker_floxif
Files
-
2024-09-05_0586f91cb0eaf39a9118a62738cc9681_avoslocker_floxif.exe windows:6 windows x86 arch:x86
d2f4a426da869d6f6bd9773e4e23d95e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
Sections
.text   Size: 3.4MB - Virtual size: 3.4MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 1.0MB - Virtual size: 1.0MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 259KB - Virtual size: 291KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 33KB - Virtual size: 32KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 216KB - Virtual size: 215KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ