Overview

overview

7

Static

static

7

cc15d6bef2...91.exe

windows7-x64

7

cc15d6bef2...91.exe

windows10-2004-x64

7

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$_0_/TeamViewer_.exe

windows7-x64

7

$_0_/TeamViewer_.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...64.dll

windows7-x64

3

$PLUGINSDI...64.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    cc15d6bef20845660b07ca102d748b91

  • Size

    3.1MB

  • MD5

    cc15d6bef20845660b07ca102d748b91

  • SHA1

    94557cae91608e1b62fc3663cafdbd25bef22729

  • SHA256

    7f5c42f1ddbb2701da00f0d2f27eed679d044921124fc7cfaeedee140e0748d1

  • SHA512

    e4f8773e109a9c1c191a66ce493bceb4bb7f0a4cc4e01bb00d4d21a8134c2abd5a2272ea2d1155472a771bcf17f2fedbea61de7f5f1c091a381a7a94df55d522

  • SSDEEP

    98304:SFu64tO/CUBeNUCiQ2hnZ/Ht/NQpfZ7NAD+RCQtJ:SFuRtUCUBxPQ2hnHNQL7NAc

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 19 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • cc15d6bef20845660b07ca102d748b91
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7f27fb2f8604769e3f1416e79e2b660f


    Headers

    Imports

    Exports

    Sections

  • $_0_/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/AccessControl.dll
    .dll windows:4 windows x86 arch:x86

    ed83f419402bc3b83a08e3aaf8b5b5b7


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Base64.dll
    .dll windows:4 windows x86 arch:x86

    71822a6591db32058c3984a70d90133c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    8df26927f8978d4eb40ff179c0aa961b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    153027ec3b10bcea606b777657dd3402


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    9b6b6a7858e17fb0b17e1c1428330343


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Lizenz_TeamViewer_DE.txt
  • $PLUGINSDIR/Lizenz_TeamViewer_EN.txt
  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    a648aeaa164b592c1e8892a10400b5ae


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7f27fb2f8604769e3f1416e79e2b660f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    2274cc1534607459cdd304a928601ef9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    afa8e526425f3585465337467d0b5909


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/environment.ini
  • $PLUGINSDIR/host.ini
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/license.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    d83f71e61ee459ee63ca3e829966a9dc


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:4 windows x86 arch:x86

    cc34243fafdc456e6693c5acdc5d0962


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsisFirewall.dll
    .dll windows:4 windows x86 arch:x86

    1a4c99175e8891c64634680f4f238d51


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/security.ini
  • $PLUGINSDIR/start.ini
  • $PLUGINSDIR/vpn.ini
  • $TEMP/TeamViewer/Version6/tvfiles.7z
    .7z
  • CopyRights_DE.txt
  • CopyRights_EN.txt
  • Lizenz_TeamViewer_DE.txt
  • Lizenz_TeamViewer_DE_unicode.txt
  • Lizenz_TeamViewer_EN.txt
  • Lizenz_TeamViewer_EN_unicode.txt
  • TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    b2b0dc4d068cba8de1897c3125b809f1


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Desktop.exe
    .exe windows:4 windows x86 arch:x86

    37c3015f06665f086b32dec78dabfa54


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Resource_da.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_de.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_en.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_es.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_fr.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_it.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_nl.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_pt.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    60cb9f28892c3863f3682daa22aefa3d


    Code Sign

    Headers

    Imports

    Sections

  • tv_w32.dll
    .dll windows:4 windows x86 arch:x86

    798ed578c45b3498ce7896558c5e55e0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.exe
    .exe windows:4 windows x86 arch:x86

    68da36c705041bcb516a1b6caabad0aa


    Code Sign

    Headers

    Imports

    Sections

  • tv_x64.dll
    .dll windows:4 windows x64 arch:x64

    09c5b20b66e0f7caa44c28dfae2d9a8d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_x64.exe
    .exe windows:4 windows x64 arch:x64

    fe0ec5a2a04130d9900b2dd133a00d2b


    Code Sign

    Headers

    Imports

    Sections

  • w2k/TeamViewerVPN.inf
  • w2k/teamviewervpn.sys
    .sys windows:5 windows x86 arch:x86

    8ec9ec9840080f4331c34221e283917c


    Code Sign

    Headers

    Imports

    Sections

  • x64/TVMonitor.inf
  • x64/TVMonitor.sys
    .sys windows:6 windows x64 arch:x64

    f24b69173de020aa0ac1739d7b40e04c


    Code Sign

    Headers

    Imports

    Sections

  • x64/TeamViewerVPN.inf
  • x64/teamviewervpn.cat
  • x64/teamviewervpn.sys
    .sys windows:6 windows x64 arch:x64

    cd6e6e3dfb3a87a73c76cb5d3cdda140


    Code Sign

    Headers

    Imports

    Sections

  • x64/tvmonitor.cat
  • x86/TVMonitor.inf
  • x86/TVMonitor.sys
    .sys windows:6 windows x86 arch:x86

    bc06eb1dad5e8285411e580cdee99e10


    Code Sign

    Headers

    Imports

    Sections

  • x86/TeamViewerVPN.inf
  • x86/teamviewervpn.cat
  • x86/teamviewervpn.sys
    .sys windows:6 windows x86 arch:x86

    952b9ef5a3d8fb9c2ae05f06bb0e783c


    Headers

    Imports

    Sections

  • x86/tvmonitor.cat
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • uninstall.exe.nsis
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections