tresendn[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

tresendn.exe
Size

1.1MB
MD5

50838e36b540554935b40eeda242fe7d
SHA1

b620bc803cabe555ffc350a07f41f8b332eb641d
SHA256

4c8e7c386799a41069ec8691f3e35385fcd4763dded79d9e0f2341c85ab7355f
SHA512

805924601db6d3c67bb9f20db635e7185d8c0f9fe9b71b2ff46c0e12dc9d66747336a292d1c6e8a3f676c9e3d610bc845f8829b9a696f955cd2501073f459778
SSDEEP

24576:Bkf/FTmpNbSjEDkHjfpxnVOYkFuZbjMV4+Pw3Ev:BkHVgV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tresendn.exe

Files

tresendn.exe
.exe windows:4 windows x86

b1882fe497198079bd863c3dd4e7f4ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CreateFileA
GetFileTime
DosDateTimeToFileTime
FileTimeToDosDateTime
CompareFileTime
FileTimeToSystemTime
DuplicateHandle
GetCurrentProcess
SetStdHandle
CreatePipe
GetStdHandle
ReadFile
WriteFile
CreateProcessA
TerminateProcess
GetExitCodeProcess
SetErrorMode
FileTimeToLocalFileTime
GetTimeZoneInformation
GetTempPathA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
RemoveDirectoryA
MultiByteToWideChar
lstrcpyA
GetCurrentDirectoryA
GetCurrentProcessId
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
GetLocalTime
MoveFileA
ClearCommError
GetLastError
SetCommTimeouts
GetCommTimeouts
SetCommState
SetupComm
ClearCommBreak
BuildCommDCBA
GetCommState
CreateEventA
PurgeComm
CloseHandle
TransmitCommChar
WriteFileEx
GetCommModemStatus
EscapeCommFunction
lstrlenA
CompareStringW
CompareStringA
LoadLibraryA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetOEMCP
GetACP
GetCPInfo
WaitForSingleObject
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetLocaleInfoW
GetModuleHandleA
GetProcAddress
UnhandledExceptionFilter
WideCharToMultiByte
GetStartupInfoA
SetHandleCount
FlushFileBuffers
FatalAppExitA
HeapSize
HeapReAlloc
SetFileAttributesA
GetTickCount
SetConsoleCtrlHandler
Sleep
CreateDirectoryA
FindFirstFileA
CopyFileA
FindNextFileA
GetCommProperties
FindClose
GetCurrentThread
SetLastError
TlsFree
TlsAlloc
RtlUnwind
ExitProcess
GetFileAttributesA
DeleteFileA
GetFileType
GetSystemTime
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
SetFilePointer
SetEndOfFile
SetEnvironmentVariableA
SetCurrentDirectoryA
RaiseException
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
GetFullPathNameA
GetDriveTypeA
GetFileInformationByHandle
PeekNamedPipe

user32

GetWindowThreadProcessId
MessageBoxA
GetWindowRect
GetWindowTextLengthA
GetWindow
GetDesktopWindow
FindWindowExA
ExitWindowsEx
DispatchMessageA
TranslateMessage
PeekMessageA
IsDialogMessageA
TranslateAcceleratorA
SendMessageA
FindWindowA
GetParent

wsock32

closesocket
setsockopt
getsockopt
inet_ntoa
htons
bind
gethostbyname
WSAGetLastError
htonl
ioctlsocket
ntohl
recv
send
socket
listen
inet_addr
accept
connect
sendto
gethostname
WSACleanup
WSAStartup
ntohs
recvfrom

advapi32

RegSetValueExA
RegFlushKey
RegCloseKey
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 940KB - Virtual size: 936KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1882fe497198079bd863c3dd4e7f4ff

Headers

File Characteristics

Imports

kernel32

user32

wsock32

advapi32

ole32

Sections

.text Size: 940KB - Virtual size: 936KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 88KB - Virtual size: 96KB

.text
Size: 940KB - Virtual size: 936KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 88KB - Virtual size: 96KB