2024-11-25_dc1ee6a07a4f65ebf43b9d8d5e3c307b_avoslocker_luca-stealer_ramnit

Sharing

Copy URL

Twitter E-mail

General

Target

2024-11-25_dc1ee6a07a4f65ebf43b9d8d5e3c307b_avoslocker_luca-stealer_ramnit
Size

2.4MB
MD5

dc1ee6a07a4f65ebf43b9d8d5e3c307b
SHA1

0928441e4f6b7bc2778c7cdf4cd2e547a9f285de
SHA256

51f894fa0cfc6ff2b5eef226d676c108bf1e22380da8ba6bbdefbd1b1f65efe8
SHA512

4e87db44efad77e1c618ccbbc85e963da3dfe587dbaabb750fff0d0798edc3ac339709a1871b873e0b9742a16dcbd1d461fc47ac2b21cbcdf21d8978cb90eae1
SSDEEP

49152:l+0BHZGfL7bE2tPPU59/s3sNNOwfSCqwILfNiD1E77ELHQbrMSUWW79:l+0SL7ptPPU59/s3sNNO8/ZILfNipEXu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-11-25_dc1ee6a07a4f65ebf43b9d8d5e3c307b_avoslocker_luca-stealer_ramnit

Files

2024-11-25_dc1ee6a07a4f65ebf43b9d8d5e3c307b_avoslocker_luca-stealer_ramnit
.exe windows:6 windows x86 arch:x86

1bda8ebd8b95c16aea1d9ff95e49f219

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\tfs-txt2word-原始\Txt2Word\_Out\Win32\Release\Txt2Word.pdb

Imports

kernel32

GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
GetStdHandle
IsValidLocale
GetSystemInfo
RtlUnwind
GetStringTypeW
LCMapStringW
CompareStringW
SwitchToThread
OutputDebugStringW
ExitProcess
SetFilePointerEx
VirtualQuery
EnumSystemLocalesW
DeleteFileW
GetConsoleCP
GetConsoleMode
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
GetTempFileNameA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SetErrorMode
FindResourceExW
GetFileAttributesA
GetProfileIntA
GetTickCount
SearchPathA
GetWindowsDirectoryA
GetTempPathA
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
DeleteFileA
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GetThreadLocale
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
GetACP
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
InitializeCriticalSectionAndSpinCount
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
WaitForSingleObject
SetEvent
CloseHandle
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
EncodePointer
GetCurrentThreadId
MultiByteToWideChar
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GlobalAlloc
GetModuleFileNameA
GetCurrentProcessId
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
LoadLibraryA
GetProcAddress
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapFree
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
WriteConsoleW

user32

GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
WindowFromPoint
MessageBeep
SetWindowRgn
DeleteMenu
LoadMenuW
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
CharUpperA
IsZoomed
TrackMouseEvent
IntersectRect
RealChildWindowFromPoint
EnumDisplayMonitors
LoadCursorW
LoadCursorA
GetSysColorBrush
SetLayeredWindowAttributes
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
OffsetRect
SetRectEmpty
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageA
MapVirtualKeyA
GetKeyNameTextA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
IsDialogMessageA
GetWindow
SetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
SetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
IsRectEmpty
UpdateLayeredWindow
EnableScrollBar
RegisterClipboardFormatA
MessageBoxA
GetFocus
SendMessageA
EnableWindow
SetWindowPos
MoveWindow
ShowWindow
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
PtInRect
GetCursorPos
GetWindowRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
UnionRect
MonitorFromPoint
CopyImage
WaitMessage
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetRect
GetNextDlgGroupItem
DestroyIcon
LoadImageW
DrawEdge
DrawFrameControl
DrawFocusRect
BeginPaint
ReleaseDC
DrawIconEx
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
SetMenuDefaultItem
UnregisterClassA
LoadIconW
GetSystemMenu
AppendMenuA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
DrawStateA
UpdateWindow
InvalidateRect
FillRect
GetClassNameA
LoadBitmapW
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetParent
GetWindowThreadProcessId
GetLastActivePopup
LoadImageA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
RemoveMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
CharUpperBuffA
ModifyMenuA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
CopyIcon
FrameRect
PostThreadMessageA
GetIconInfo
HideCaret
InvertRect
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
DestroyCursor
GetComboBoxInfo
GetWindowRgn
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongA
LockWindowUpdate
BringWindowToTop
SetParent
SetCursorPos

gdi32

GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleBitmap
GetClipBox
EnumFontFamiliesA
GetTextCharsetInfo
GetTextMetricsA
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
OffsetRgn
Rectangle
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
CreateDCA
CopyMetaFileA
GetObjectA
GetStockObject
DeleteObject
CreateSolidBrush
CreateDIBitmap
GetDeviceCaps
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetFileInfoA
SHGetDesktopFolder

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathIsUNCA
PathRemoveFileSpecW
PathStripToRootA
StrFormatKBSizeA
PathFindExtensionA

uxtheme

GetWindowTheme
GetThemePartSize
IsAppThemed
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent

ole32

OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
CLSIDFromString

oleaut32

VarBstrFromDate
VariantCopy
SysAllocString
SafeArrayDestroy
VariantTimeToSystemTime
OleCreateFontIndirect
LoadTypeLi
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
SystemTimeToVariantTime

oledlg

ord8

gdiplus

GdipBitmapLockBits
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1bda8ebd8b95c16aea1d9ff95e49f219

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 364KB - Virtual size: 363KB

.data Size: 24KB - Virtual size: 42KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 147KB - Virtual size: 147KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 364KB - Virtual size: 363KB

.data
Size: 24KB - Virtual size: 42KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 147KB - Virtual size: 147KB

.rmnet
Size: 56KB - Virtual size: 60KB