Step_One[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Step_One.exe
Size

3KB
MD5

52955c6a19eefa8ef48dbf4e5974e321
SHA1

67dd1a7abb88afa954686ff00405a7870d4466a1
SHA256

0cd7448d6bbd33b10f0e9d2b4693b8036017e6ee12147a6e5001f0217626b621
SHA512

7919a6ef4148eca184b8bd1abbb469cf0fd08d0d1f4edcd2c35cda46320d6ceb85dbba3036f85b43b516110413cdd04696f43ccb232807b3b71b83cef39f2a6e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Step_One.exe

Files

Step_One.exe
.exe windows:4 windows x86

5c82ae04b13f9811d85e39b89b6d15ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
PostQuitMessage
RegisterClassA
SendMessageA
LoadCursorA
TranslateMessage
UpdateWindow
SendDlgItemMessageA
GetMessageA
DispatchMessageA
DefWindowProcA
ShowWindow
CreateWindowExA

gdi32

GetStockObject

kernel32

ExitProcess
GetModuleHandleA

Sections

.text
Size: 1024B - Virtual size: 762B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE