useraccount[.]aspx

Sharing

Copy URL Twitter E-mail

General

Target

useraccount.aspx
Size

2.9MB
MD5

a878e2f8998c1f77133287937e254561
SHA1

7ae3434a226d8f15dd9f3c226b91741b78e83afa
SHA256

29db5421adb70240fd67e5ee9a6cdb2a2f9055e113e8acd5bc8b36702bbe9c7e
SHA512

cfc949939a900f10d802b8ae2bb75dbc55250e167b3d8f113ccb03a33961c10feded5b30a4ef27f891a070cff58d42a22ef1cfc8b93baed298b098bf689b49ad
SSDEEP

49152:is/7ejTWD1Z/fGlv8AXH11q3RyG9zinu8aJih4IEpp5iU9O0ynjnyJqobL/Mt3A1:uTWJtGZbuHHfoUsrY4Gzo6N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
useraccount.aspx

Files

useraccount.aspx
.dll windows:6 windows x86 arch:x86

ce5c02b58e3c0a4072c4d33aa2901083

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetLastError
SetLastError
HeapAlloc
HeapReAlloc
GetProcessHeap
GetCurrentProcess
GetCurrentProcessId
ExitProcess
GetCurrentThread
GetCurrentThreadId
GetCurrentProcessorNumber
GetTickCount
GetTickCount64
GetLargePageMinimum
GetModuleHandleA
lstrlenA
IsBadReadPtr
IsValidCodePage
GetACP
GetOEMCP
GetSystemDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultLangID
GetSystemDefaultLCID
GetThreadUILanguage
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
GetModuleFileNameW
GetModuleHandleExW
RaiseException
LoadLibraryExW
GetProcAddress
DecodePointer
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
InterlockedFlushSList
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc

user32

ArrangeIconicWindows
GetTopWindow
GetShellWindow
GetParent
GetDesktopWindow
GetCaretPos
GetCaretBlinkTime
GetCursor
GetCursorPos
MessageBoxW
GetWindowTextLengthA
GetUpdateRect
EndPaint
BeginPaint
GetWindowDC
GetForegroundWindow
EndMenu
GetSubMenu
DestroyMenu
GetSystemMenu
GetMenu
IsWindowEnabled
IsWindowUnicode
GetCapture
GetFocus
GetActiveWindow
GetDialogBaseUnits
GetDlgCtrlID
IsZoomed
AnyPopup
IsIconic
IsWindowVisible
EndDeferWindowPos
BeginDeferWindowPos
OpenIcon
IsWindow
GetDoubleClickTime
IsWow64Message
GetMessageExtraInfo
GetMessageTime
GetMessagePos
GetLastActivePopup

shlwapi

StrCmpIW

Exports

Exports

DllInstall
ThreadFunction
curl_easy_init

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 509KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce5c02b58e3c0a4072c4d33aa2901083

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 509KB - Virtual size: 509KB

.data Size: 3KB - Virtual size: 3.6MB

.reloc Size: 237KB - Virtual size: 237KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 509KB - Virtual size: 509KB

.data
Size: 3KB - Virtual size: 3.6MB

.reloc
Size: 237KB - Virtual size: 237KB