Transerv[.]exe

General

Target

Transerv.exe
Size

58KB
MD5

4bb99a9a7645db7ba28ee47e65e6dd66
SHA1

f32f149ce03af7ba16d1a5ee3325c932a25dfd8e
SHA256

36cb9e331e09b8d63b246e49875347ed693c3d9ab81953bf28ec17d110fb90d0
SHA512

40de359bd506397abdf6d992c45a2a557037ce1f56e33677cf4d15af62fc4d6484f59d14fdd11b81e9c0b57be5904721ea330b602bd404f53ec10f22a2fa695a
SSDEEP

768:i3SDLdozh4CZhzi8xxcXyHQDPOqfIVZHsDzUnQsWUxEELFr0cR+2U/g2FRSSx:iCOh4CDvxozPOqYsDzI1WoFRTcg2FwW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Transerv.exe

Files

Transerv.exe
.exe windows x86

0139d86d2b8c42f161871027ad4d6547

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetProcAddress
LoadLibraryA
Sleep
CloseHandle
GetLastError
CreateMutexA
SetFilePointer
HeapAlloc
HeapReAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
SetEndOfFile
GetStringTypeW
GetStringTypeA
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
ReadFile
CreateFileA
WriteFile
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
FreeLibrary
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
IsBadWritePtr
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
VirtualAlloc
SetStdHandle
FlushFileBuffers

user32

MessageBoxA

wsock32

recv
WSACleanup
WSAStartup
accept
ntohl
listen
bind
send
socket
WSAGetLastError
closesocket
htonl
htons
setsockopt
inet_ntoa

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0139d86d2b8c42f161871027ad4d6547

Headers

File Characteristics

Imports

kernel32

user32

wsock32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 14KB - Virtual size: 20KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 14KB - Virtual size: 20KB