Static task: static1
Behavioral task: behavioral1 (Sample: ilogin.exe, Resource: win7-20230621-en)
Behavioral task: behavioral2 (Sample: ilogin.exe, Resource: win10v2004-20230621-en)
General
Target: ilogin.exe
Size: 11KB
MD5: 5249ff6a8b0d3bfadce8e7d0d159bbe4
SHA1: ea2e10a27c960fa417e747b940a90f1c8c9381a3
SHA256: 61a6a038e68a5f430653273218e8e5d0f9f0fea4610d0570d917d2fe0b3510a1
SHA512: 898d3d43c69d76a67479fea956feab34221b3c45cc6187be639e6790e0169faf32c33b25d366dd3be137a5d30732251308c5d88a3e440ebe3c8b1806dcfac37a
SSDEEP: 192:Hl7LtrLz+w+bvabe97BlCEL6tfmQO1RS1c42:xLdX+u6flC/1m71T
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ilogin.exe
Files
ilogin.exe.exe windows x86
b535d37a2c23fcadb9c0ea54c5a856c2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
isqlt09a: ord28, ord42, ord283, ord30, ord18, ord208, ord22, ord34, ord44, ord406, ord407
user32: SetFocus, DefWindowProcA, SendMessageA, DialogBoxParamA, ShowWindow, CreateWindowExA, MessageBoxA, GetDlgItem, SetDlgItemTextA, wsprintfA, TranslateMessage, DispatchMessageA, LoadCursorA, UpdateWindow, LoadIconA, EndDialog, RegisterClassA, GetMessageA, LoadStringA, PostQuitMessage, GetDlgItemTextA
gdi32: GetStockObject
msvcrt: _except_handler3, __set_app_type, __p__fmode, __p__commode, _controlfp, _initterm, _adjust_fdiv, exit, _XcptFilter, __p__acmdln, sprintf, strcpy, _exit, __getmainargs, __setusermatherr
kernel32: GetModuleHandleA, GetStartupInfoA
Sections
.text Size: 3KB - Virtual size: 3KB (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata Size: 512B - Virtual size: 12B (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data Size: 1024B - Virtual size: 848B (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.idata Size: 1KB - Virtual size: 1KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
.rsrc Size: 4KB - Virtual size: 3KB (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)