General
Target
2024-06-30_283a085ca603e762a0cdfeca133078d4_avoslocker
Size
4.2MB
Sample
240630-nxkw7axcne
MD5
283a085ca603e762a0cdfeca133078d4
SHA1
5803a411f902ab17cb6ac5dfd4961fca8eb235a4
SHA256
4682f33401c6f649275c861d4f293c4a99770b72c1089529e9f893b50985e515
SHA512
5a988dd55c038983e5918bdce9f083eb8e10cbb47bb7ba1d3c9e916b107d486837127c6650379449b6be996270b7cf447d782a297719d32446ae732a3b00a494
SSDEEP
98304:gpq/d8kCBnlMyQjujDW9tBcg2jGqwwAXSY+139YOtYsnYT50kB3tiX9P:Bcu5ujyp8jGqwwCq3t/2Ntm9P
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-30_283a085ca603e762a0cdfeca133078d4_avoslocker.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-30_283a085ca603e762a0cdfeca133078d4_avoslocker.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
2024-06-30_283a085ca603e762a0cdfeca133078d4_avoslocker
Score
7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.