AICHAIR[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AICHAIR.exe
Size

874KB
MD5

d3002045d69f95d60cce49d6d962c2a6
SHA1

aa6b39068cd7ea90c65cbd74f958a6b074fe722b
SHA256

d193d4fc300e4637b4ad755f2bcb249e498a507733e2a02933fffb1d01ca4cb7
SHA512

21057a53d8ed1aa95a0cb00e92e4c7363db2d3a7134333cf42cce16203bb13c385df5d7081977c7f09238047d82d3f7e041ef11cec9dc00bf8848ecf6414f98e
SSDEEP

24576:/AwwHXof+K8El1q4QlM0zsi7GhjU3OfQOzf:/A74/QG0z5FOffD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AICHAIR.exe

Files

AICHAIR.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

ASOHC
Size: - Virtual size: 5.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SFFBD
Size: 870KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE