SessionSearcher[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SessionSearcher.exe
Size

8KB
MD5

d4969c3a7d88ad38f885a061bba26752
SHA1

7d1a911366f8feb9687b13bc7b181c7ffebe9f29
SHA256

a38f6ecc6230b87a0da055351528416f5150c6ec5e1b505043883a142cd36f14
SHA512

5d1cfba4af51fc265783f3f0d7c6854babc974e71c4bd0c5cbdbf28399164f2e4c396b22026bbddbd350aae3ef6027777633f92c72a8a6a8746b756b154381eb
SSDEEP

96:Tqf26r7yixXWZi5HZTFiGNhb5GJTLq7BrEqVs/ULutEqjH6tGpdAeFzNt:Tq7Xyix8Q7Tn5Cvq71s/PfD6t4dN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SessionSearcher.exe

Files

SessionSearcher.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ