sihost[.]exe | Triage

Sharing

General

Target

sihost.exe
Size

726KB
MD5

1d2e25e64e7c402540fa6ce6871257f4
SHA1

667d3c3fd23e7ed300fbe2f3f89fdf8cbbecab1c
SHA256

cb371580851e963cfe4db1fa1953269d0c87acaaed578dd9fe670bc7a9d0df45
SHA512

eef504ff106c9703b93166254c9040de7e7dac9bca63926430222960cc25571228bc387b3f524e7cbd79ce81cc096e2d557ed52bb7c8be06fa5561cb6ea596b6
SSDEEP

12288:/V5v6fX9KL7XCRWk7AKmVCG2hq5diAAV0SZJgzkpVcubpR8Iu1tC2ik:qftm7XoWrbgG2QXiHV0KuzElYIu1Xd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
sihost.exe

Files

sihost.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 652KB - Virtual size: 652KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ