AccountLogon[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AccountLogon.exe
Size

459KB
MD5

9fca5ec20099c7602ff8632793c00328
SHA1

b15646d70e05339f1fb6cd46ce08d9788b91da6d
SHA256

4d7952f20f65163d7d99159511438d71dd4f81398278b86c460e8c273943a4e9
SHA512

559483c735603e013e40c4ba072964a9675abd1b1505fd4223126253666390edf4a321868451fed778aee57f00b07e6efc37bc117d6960be0baff44ab37c6d3e
SSDEEP

12288:0L2hGLTFFOhtts4yKjtlpPNlZXZZlZU/qlZdVPeH3bo+JlLp:0xFFOskjtl7lZXZZlZ0qZPP3wV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AccountLogon.exe

Files

AccountLogon.exe
.exe windows:4 windows x86 arch:x86

644c625dbe727aed8203259448f73750

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvbvm60

EVENT_SINK_GetIDsOfNames

Sections

pec1
Size: 233KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 222KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE