Step_One[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Step_One.exe
Size

3KB
MD5

dc04a36d416503062e4f0f8d55e9ec07
SHA1

fca8bbdf968d9150a29ba9b1394bbb3c16e581f7
SHA256

32b3f49e05605cd0969b1e52a5ecfbb823dc2c12443c3af533003c7edf1f2d79
SHA512

cf877ea1d5d24f67cde0c37686244b7b1cddc84593a9b8341c2e1632c3f50375b97ac12facbc0ce3df568e39675d62d33925978b065d43cdd89c2c0430dafad4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Step_One.exe

Files

Step_One.exe
.exe windows:4 windows x86

77bdbaf504d909816a94dafbc7c288fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
TranslateMessage
UpdateWindow
RegisterClassA
ReleaseDC
SetTimer
WindowFromDC
PostQuitMessage
LoadIconA
LoadCursorA
GetMessageA
GetDC
DispatchMessageA
DefWindowProcA
InvalidateRect
CreateWindowExA

gdi32

CreatePen
SelectObject
Polyline
DeleteObject
GetStockObject

kernel32

ExitProcess
GetModuleHandleA

Sections

.text
Size: 1024B - Virtual size: 850B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE