Step_One[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Step_One.exe
Size

3KB
MD5

8243b046a8a49fa437aa9ed957df2b83
SHA1

5e273eeb8bb0141ab80cdc1325cfa43df61cfb16
SHA256

c70541102185b16229aba8d8a44d31449a1d895f30ff64d7553f91ae08e66224
SHA512

6957ae6d2f19577b3ed08f4e5bd39529892d38c454a08b5353a05554e605609860b0ff75b3e47fc366e132f36103ab84efa2acf246528c4a27b09da51df8ff4d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Step_One.exe

Files

Step_One.exe
.exe windows:4 windows x86

3c22a16d37d17ae600ee4c6653edb1cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InvalidateRect
UpdateWindow
TranslateMessage
ShowWindow
RegisterClassA
PostQuitMessage
LoadIconA
LoadCursorA
GetMessageA
GetDC
DispatchMessageA
DefWindowProcA
WindowFromDC
CreateWindowExA

gdi32

Rectangle
CreatePen
SelectObject
RoundRect
GetStockObject
Ellipse
DeleteObject
CreateSolidBrush

kernel32

ExitProcess
GetModuleHandleA

Sections

.text
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE