LoginMenu[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

LoginMenu.exe
Size

12.1MB
MD5

d67af7e418a9b268c6464db80ca3d8b6
SHA1

1cee63f3cd0657028a5ec3b3001d0df87ec19eb4
SHA256

6164dba77b2f71e37c2dccc9219580b9ae1532d9f1de222c75217c315d5bea97
SHA512

b6c29aaf7342422ee4dd34863e71b7aab4e5abf61a8c44e73ebcf3f252a6387b2f9f3ac305da2135c6b7478fb1b7d1666cd15b1af21055845bb0b91a7aad5e54
SSDEEP

196608:BuFc0aI/N4Nxe117F9fo89PmR9MVVBr81lknsfh28fmV2gDlS2TzBm:EFc0aIMxef7T9PmfMVvr8sOh6V21

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LoginMenu.exe

Files

LoginMenu.exe
.exe windows:6 windows x64 arch:x64

1ad7f4f793d3408af074e491860f5a6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle

advapi32

ChangeServiceConfigA

user32

MessageBoxA

shlwapi

PathFileExistsW

wininet

HttpQueryInfoA

Sections

.text
Size: - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: - Virtual size: 140B

.syscall
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.i6Q
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Kj-
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Hk5
Size: 12.1MB - Virtual size: 12.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 411B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ad7f4f793d3408af074e491860f5a6b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

wininet

Sections

.text Size: - Virtual size: 225KB

.rdata Size: - Virtual size: 71KB

.data Size: - Virtual size: 972KB

.pdata Size: - Virtual size: 11KB

.00cfg Size: - Virtual size: 56B

.gxfg Size: - Virtual size: 8KB

.retplne Size: - Virtual size: 140B

.syscall Size: - Virtual size: 4KB

_RDATA Size: - Virtual size: 500B

.i6Q Size: - Virtual size: 6.6MB

.Kj- Size: 512B - Virtual size: 128B

.Hk5 Size: 12.1MB - Virtual size: 12.1MB

.rsrc Size: 512B - Virtual size: 411B

.reloc Size: 512B - Virtual size: 276B

.text
Size: - Virtual size: 225KB

.rdata
Size: - Virtual size: 71KB

.data
Size: - Virtual size: 972KB

.pdata
Size: - Virtual size: 11KB

.00cfg
Size: - Virtual size: 56B

.gxfg
Size: - Virtual size: 8KB

.retplne
Size: - Virtual size: 140B

.syscall
Size: - Virtual size: 4KB

_RDATA
Size: - Virtual size: 500B

.i6Q
Size: - Virtual size: 6.6MB

.Kj-
Size: 512B - Virtual size: 128B

.Hk5
Size: 12.1MB - Virtual size: 12.1MB

.rsrc
Size: 512B - Virtual size: 411B

.reloc
Size: 512B - Virtual size: 276B