Step_One(MOUSEMOVE)[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Step_One(MOUSEMOVE).exe
Size

3KB
MD5

a8fd634fa01587027706a30e44c9f38a
SHA1

b0f4e652ba5931032d2dcd21a598b79bc569a426
SHA256

653115fc3564c04c7cce70721b0aee07db1c3970f27273814042bf902c0d2847
SHA512

b6ece80c357070da53c9c9cf93d93e9efd97bb70345624a8fd7038bcce27270e26ee00284b7103d3f3123e1f7d5fcd73638a79a184baa3c3fbaff6dc34fe9030

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Step_One(MOUSEMOVE).exe

Files

Step_One(MOUSEMOVE).exe
.exe windows:4 windows x86

0dc681968f4e05ed7a64d42ebe772ba6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
LoadIconA
PostQuitMessage
RegisterClassA
GetMessageA
ShowWindow
TranslateMessage
UpdateWindow
DispatchMessageA
DefWindowProcA
CreateWindowExA
SetWindowTextA
wsprintfA

gdi32

GetStockObject

kernel32

ExitProcess
GetModuleHandleA

Sections

.text
Size: 512B - Virtual size: 470B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE