Overview
overview — score 7
Static
static — score 3
f7d5fe0216...18.exe
windows7-x64 — score 3
f7d5fe0216...18.exe
windows10-2004-x64 — score 3
$PLUGINSDI...dl.dll
windows7-x64 — score 3
$PLUGINSDI...dl.dll
windows10-2004-x64 — score 3
$PLUGINSDI...ta.dll
windows7-x64 — score 3
$PLUGINSDI...ta.dll
windows10-2004-x64 — score 3
$PLUGINSDI...em.dll
windows7-x64 — score 3
$PLUGINSDI...em.dll
windows10-2004-x64 — score 3
$PLUGINSDI...on.dll
windows7-x64 — score 3
$PLUGINSDI...on.dll
windows10-2004-x64 — score 3
$PLUGINSDI...7z.dll
windows7-x64 — score 3
$PLUGINSDI...7z.dll
windows10-2004-x64 — score 3
TeamViewer.exe
windows7-x64 — score 7
TeamViewer.exe
windows10-2004-x64 — score 7
TeamViewer...op.exe
windows7-x64 — score 3
TeamViewer...op.exe
windows10-2004-x64 — score 3
TeamViewer...de.dll
windows7-x64 — score 1
TeamViewer...de.dll
windows10-2004-x64 — score 1
TeamViewer...ce.exe
windows7-x64 — score 1
TeamViewer...ce.exe
windows10-2004-x64 — score 1
tv_w32.dll
windows7-x64 — score 1
tv_w32.dll
windows10-2004-x64 — score 1
tv_w32.exe
windows7-x64 — score 1
tv_w32.exe
windows10-2004-x64 — score 1
tv_x64.dll
windows7-x64 — score 1
tv_x64.dll
windows10-2004-x64 — score 1
tv_x64.exe
windows7-x64 — score 1
tv_x64.exe
windows10-2004-x64 — score 1
x64/TVMonitor.sys
windows7-x64 — score 1
x64/TVMonitor.sys
windows10-2004-x64 — score 1
x86/TVMonitor.sys
windows7-x64 — score 1
x86/TVMonitor.sys
windows10-2004-x64 — score 1
General
-
Target
f7d5fe021610b26e2d3a9cdd877d3d78_JaffaCakes118
-
Size
2.6MB
-
Sample
240418-mvz3nacb3x
-
MD5
f7d5fe021610b26e2d3a9cdd877d3d78
-
SHA1
59ac39a0bb3d4e5386c9b3292acc2382aa9d0574
-
SHA256
773dcb1e82bd6b653c8e3072ce8b182346c57440e58c412d08ff98b80cd4067f
-
SHA512
0f78630178f58529122cc657ca409c726916b029da6106dc97638d152121fcad4832b2189c112e1d7c8d02a98adc38b1a7530d1106793ec45774109173d3ee01
-
SSDEEP
49152:D9PPGaKWCLac78P/XOUDOs4y9eAImg0cP0C9V/2:5GaJCuW8HOpsRsAC0Cz/2
Static task
static1
Behavioral task
behavioral1
Sample
f7d5fe021610b26e2d3a9cdd877d3d78_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f7d5fe021610b26e2d3a9cdd877d3d78_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/ReadCustomerData.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/ReadCustomerData.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/TvGetVersion.dll
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/TvGetVersion.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win7-20231129-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral13
Sample
TeamViewer.exe
Resource
win7-20240220-en
Behavioral task
behavioral14
Sample
TeamViewer.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral15
Sample
TeamViewer_Desktop.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
TeamViewer_Desktop.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral17
Sample
TeamViewer_Resource_de.dll
Resource
win7-20240319-en
Behavioral task
behavioral18
Sample
TeamViewer_Resource_de.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral19
Sample
TeamViewer_Service.exe
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
TeamViewer_Service.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral21
Sample
tv_w32.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
tv_w32.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral23
Sample
tv_w32.exe
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
tv_w32.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral25
Sample
tv_x64.dll
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
tv_x64.dll
Resource
win10v2004-20240412-en
Behavioral task
behavioral27
Sample
tv_x64.exe
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
tv_x64.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral29
Sample
x64/TVMonitor.sys
Resource
win7-20240220-en
Behavioral task
behavioral30
Sample
x64/TVMonitor.sys
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
x86/TVMonitor.sys
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
x86/TVMonitor.sys
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f7d5fe021610b26e2d3a9cdd877d3d78_JaffaCakes118
-
Size
2.6MB
-
MD5
f7d5fe021610b26e2d3a9cdd877d3d78
-
SHA1
59ac39a0bb3d4e5386c9b3292acc2382aa9d0574
-
SHA256
773dcb1e82bd6b653c8e3072ce8b182346c57440e58c412d08ff98b80cd4067f
-
SHA512
0f78630178f58529122cc657ca409c726916b029da6106dc97638d152121fcad4832b2189c112e1d7c8d02a98adc38b1a7530d1106793ec45774109173d3ee01
-
SSDEEP
49152:D9PPGaKWCLac78P/XOUDOs4y9eAImg0cP0C9V/2:5GaJCuW8HOpsRsAC0Cz/2
Score3/10 -
-
-
Target
$PLUGINSDIR/NSISdl.dll
-
Size
14KB
-
MD5
254f13dfd61c5b7d2119eb2550491e1d
-
SHA1
5083f6804ee3475f3698ab9e68611b0128e22fd6
-
SHA256
fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28
-
SHA512
fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7
-
SSDEEP
192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo
Score3/10 -
-
-
Target
$PLUGINSDIR/ReadCustomerData.dll
-
Size
64KB
-
MD5
703598aa5ff97f512112cd766543a2f1
-
SHA1
0bfb74b03227ee8510e153785edd76625404ab55
-
SHA256
5f76752e83789bb8184070d618d83f43c2f565cc7fad2c4266e44339223ba69b
-
SHA512
3eff4670a3c97ec931eb1240d22a943ad6b19ea07ce781dabcc656ae2049d36c42b8f5bf3ce59366057ea3ece8913e83da3ec98c2c1434edf144dd9d4731fe58
-
SSDEEP
768:TWaFM5hBUVVsDPytWyIBvsdfk3Nhs8o6S5uymhRv1OInQ/bTLZmTtxHWQ:CvnuV+TcWGIPOChRwIQ/XLQtxH
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
00a0194c20ee912257df53bfe258ee4a
-
SHA1
d7b4e319bc5119024690dc8230b9cc919b1b86b2
-
SHA256
dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
-
SHA512
3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score3/10 -
-
-
Target
$PLUGINSDIR/TvGetVersion.dll
-
Size
50KB
-
MD5
7d4cdffd78fa41a10e00cdfb899990d3
-
SHA1
51c445cc7933a92efe285b11d5a8a80dc69d1be1
-
SHA256
b5e3a463393887c08219366ac3efd60e8b4991df874586702950de2baa83104d
-
SHA512
8044c3a25957f68d7b7fd9d925c26f6726af9b29ad54eaf4b1eb1a3027f6f07670c678ef3dd2958130634cc49406b2d2378e20a35a43b8821fcd4355551122f7
-
SSDEEP
768:0VkG68qeXUmypSIRcu7Tx7Ss1xS+KCDpR/vO4nnZr11t5JgX:0Vm4Um4W4dLKopR/PnZft5
Score3/10 -
-
-
Target
$PLUGINSDIR/nsis7z.dll
-
Size
176KB
-
MD5
06ff2b95b8e123d32487b0cb73409031
-
SHA1
8cb3f584112db4e74cea4ed02d4ce0b3a5373bfa
-
SHA256
0dedad042a306da32784c3ce79bfac0475b827e416c17e1a1dfdb461151f4271
-
SHA512
174e7599ba87bc45111ce340d7563771353df71988d6b9094d8bdeab4b45ec730cbd2e6bf3943ad66daa02d7f1f1eac0020b987109fabed96b2e0def8d0602c6
-
SSDEEP
3072:rfSCQ4FYoKhEHvf4aytolZ8MMNjXtWXTkibb7zHetRYFJ8:HFYosEH3UtoX8fUtXPOm
Score3/10 -
-
-
Target
TeamViewer.exe
-
Size
6.7MB
-
MD5
af9674ebad5c3234eb84e70ef63264fa
-
SHA1
c88e75a808b8f3d3ee10d6b3cd7720aec5314999
-
SHA256
e6e9548ff7f0d45d6f0c02f367486d840270b52c4aafe2b963b0553d33b9bafe
-
SHA512
b022560565a560cf8da955dcbc8ac9c0e598b9f1ca03f2f5885258c9e5ce21f63bc658c691e8ce753d0d2dc3f7cf970ebb8c2938a486b00e4502c8c2d6082df8
-
SSDEEP
98304:RK1vrxE+c9ePZgjheTCLwWAgcSukgEeDEi4iEUu361a54V1+Hl/p8zj5xtMid:uhvZ5ZxD4Uu30aODzj5xtMa
-
Checks computer location settings
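Looks up country code configured in the registry, likely geofence. The lookup alone does not establish malicious intent, since legitimate software also reads locale settings.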
-
-
-
Target
TeamViewer_Desktop.exe
-
Size
2.1MB
-
MD5
0abedc25d8c9ed7a61ab7040cc691385
-
SHA1
00f3a75bb5ccf0aa0b7f3c50753b7221863d2489
-
SHA256
34e69413106257786a1d02d9016d39028ffae309316607f5f716639bb589ed8f
-
SHA512
5807b936733aba867f69de74af73a9a66c96b22bc7bc69b0aadce1aaf75cd45a26980bdd36d912c31e283f34cb5259ff8282f6c8887e63d59b382c07ae0392f2
-
SSDEEP
49152:dgoK7vi+iwCT5xbIm18YdjcOpJs1ats9Ha+Gf:S7Dczn1Fdj7JsMiu
Score3/10 -
-
-
Target
TeamViewer_Resource_de.dll
-
Size
1.2MB
-
MD5
90de73de3a2ea9440da3c16412479220
-
SHA1
d79f9fe7cecac2a4996eb4dd1a1f768ddad44ec3
-
SHA256
cd20c290f6cf6dfae987f5f07386c73efb56eb4805696818c292c868b294deb0
-
SHA512
c17ff8d3f6bc0670dbd4cbc947e13a4e0b945b46f5ce3a8c620b09f4b9a85fa71b4fa40eb425bb2d3a74435d97cc5b699561c500d4e384018ff1df384f26db95
-
SSDEEP
12288:Q2hmfaa/lRMxerSaye0dHVGFlSyhUcTm8i1aWjDtTfu:QumfnJrSayGF6Vi
Score1/10 -
-
-
Target
TeamViewer_Service.exe
-
Size
2.3MB
-
MD5
29ec98bc26852b920243667aaf18fbf6
-
SHA1
e116a85404d9a89aac8406f16d004ab10afe4f2d
-
SHA256
407683aaf7450a133ece802a8f80a92d6f36beb21055cf75b867f068eb459e8c
-
SHA512
256bba4b27cf46d2dafb36134ac1abb768515618da68804e8a6ef090619cc913da95c6b6fcc108c2b40b296036bf62a4bae15f52f78f6aeeb748c4c21ace4f5e
-
SSDEEP
49152:q+lFwkW1imFT/4+ykiHIKbIUu3QjWPc1ZU0/yPiIS0CwM:/HW1i074dkiHIPUu3QjP5/7bh
Score1/10 -
-
-
Target
tv_w32.dll
-
Size
48KB
-
MD5
feb7527d884057e53845297722ef1dfa
-
SHA1
b44e6049798aa4a0e7081072b23faeba1fc044ca
-
SHA256
0e6c56ee94617219bf89febf2aaab53ba99def0931b3146875079642bbc67f0e
-
SHA512
424b53605fc92761b73e92fe375d70f8d8d9e240ffeead9f700d0e83019eab67d73aaa0c88f1f606e8ccf4ca02d4279bd5cd53c1268aaf569c5ae4379b63a275
-
SSDEEP
768:lhnbNOCWYFawkf5soDYunk220HOtUM3CgV6QiFp7Tsk5AeLM:fBSsunocCUDgV6jfsk5AeI
Score1/10 -
-
-
Target
tv_w32.exe
-
Size
105KB
-
MD5
625393ef6d05592dcc229e681cf3109c
-
SHA1
9a116b7295adea0f257802d781e6e9628e66cd3e
-
SHA256
a9c497e2db6c339c08dea0c09a1bcc4269b6da0aad237b372d1a4916bf4065a9
-
SHA512
5f043b90ffc1b0ffe6f7e76e0ab0c629e2e00e6499c64a5aa660550b55a4bda530c7a64c7cdbb96bc2d7dc7e0697f7bec3d18f8c4a4e4ad17e6a786a4a024925
-
SSDEEP
1536:V7zajn/aH9011y9Hrjba1JOIzJGY78iyrMycIDUxr4fDnChLLCJY1+4Z4htelJP:V7zQqpwxhKhtelh
Score1/10 -
-
-
Target
tv_x64.dll
-
Size
51KB
-
MD5
e21f6ac9d96538ebc078bac67db51401
-
SHA1
01a8a23c63290872fa24772fcbbeed288831df2d
-
SHA256
ea27c2297ad340a8cd6950ba7394d00184458cfd95b23a68234990d9a965c23a
-
SHA512
619e83cd7069e8ee49c845f12d12ad5c41b0b5f3f3d989f5d0bde0bd91946a6ad9aecbd412dd020e69af23d0646e384f3328687d4ba19a719ca6446a4eada20b
-
SSDEEP
768:ddbXkYJwW1DSveW1oI8iGkDDTn/AzimuQ9tybxJYQIlV3lLg:ddbnJj1OvDv/0zJtybfIXlc
Score1/10 -
-
-
Target
tv_x64.exe
-
Size
140KB
-
MD5
ab50674a87e2b07fb3cf56a054a4b763
-
SHA1
6400bb876b77ca5c03a00e27af4306474154c28c
-
SHA256
d4075a3a2ac3eb5b23eb6c759db127a1e06e02aeec6105df13cf027e1073d879
-
SHA512
eb57a3f14c43dafd2e2a94c5e0d7fa02e5070de775f8f3f713ff4c69d6f89f2cd7276d260fc2fecb598f51256f5b6b09c995b594cf9d7b399fe14174b6653939
-
SSDEEP
3072:k5IdtXcNDSKAm5cwCFG1Js0fNB6yQxjkQGTUVryhC+LW+rPW2:kxDSPPHFG1JswQx41U3+rD
Score1/10 -
-
-
Target
x64/TVMonitor.sys
-
Size
15KB
-
MD5
95314c3a08589471983c2c8173f23cda
-
SHA1
a84b8b7c7c08f4642655e2f1df9161b8d3b0b665
-
SHA256
05d30728d7204aba2437259ecf929a94e6573f7621baf35d76eba26f5489a6cf
-
SHA512
200c9af5a7ac032bcbde1830001f2c7cf4e9dd02b964a6bbdf7fe5e4bd29cd152a4fbea3bac53defa9f321e0417af3d170900ab3de390fcfc1d411237d238c06
-
SSDEEP
384:PxWDUVvF0r2UHKZCmYFJulYJLWOtbeFV6jlV:k0vFGXH7XuAL/beFVmP
Score1/10 -
-
-
Target
x86/TVMonitor.sys
-
Size
12KB
-
MD5
111a023266532c621ee69ae96e47081e
-
SHA1
4f1dde3508a85fa4beda1d8110e98db248be1af1
-
SHA256
d933340af838d94f25c74f9d46a74de3b45f29b896afa49a03676bab8cd400cf
-
SHA512
bf6252a52ad61bafb8b86589b4436069d4bc277b91a89e90c4b237e3e49a7388bc8e1d5d29a1790f4505de2a52eb26e0bef112e946f7505f0641b3ebd5643354
-
SSDEEP
192:7hkFKqiEedsBgI/yowJL/aMjGwP7QM3PXD+ebMdHFVZgjlJMVc83:Vkcqod5CYJLWOtbeFV6jK
Score1/10 -