2024-09-09_20b0ddbea5043ee06af15475e504957d_avoslocker | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-09_20b0ddbea5043ee06af15475e504957d_avoslocker
Size

7.4MB
MD5

20b0ddbea5043ee06af15475e504957d
SHA1

ef5a3c1e1772a28c158b205be3d18433bc625490
SHA256

c8a2f2a366cdfc97de5da7921d34c33b78c8bb86fe051127827fc5913b45f852
SHA512

2a21c0c7dd924844610455d5e0bc95a6154dcac28c734d0c05b0ee99e8e946b57a5089713679573c32f958995a5580d901b8b12baf4f69c3c75cfc58e2f0fb52
SSDEEP

98304:Q4h5PfhefTAv8HM2JyiFpK6FR4FBm21BgdKqyyjab0AM:F5PfhoAUs2JyEYxBwjz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-09_20b0ddbea5043ee06af15475e504957d_avoslocker

Files

2024-09-09_20b0ddbea5043ee06af15475e504957d_avoslocker
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 921KB - Virtual size: 921KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ