General

  • Target

    fb2ba8f581571bac155e69266dbf1f7e_JaffaCakes118

  • Size

    145KB

  • MD5

    fb2ba8f581571bac155e69266dbf1f7e

  • SHA1

    561dea6e06e746de68ec7c4288351bf616b2c2cb

  • SHA256

    fe690a16a49df6048482604cd283c963ee0215d6a15d17de89ff0e714d6e21ed

  • SHA512

    05ce74d39f9383db75b9213440c5b6454e004710af8bee5e3916fac0197d80d58525663b1ca9120bb2c3f4a70c23397e3355cdbab579db4397a7abeea7ff8788

  • SSDEEP

    3072:XfSHofYRxYv0sTpMU4H11kaMwOe/EgFlCxlTyILRy4xofYRxYv0s8pMU4Hj8aRvd:X6wTh4Hy4fliyILRE8h4HllOxw

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs

Files

  • fb2ba8f581571bac155e69266dbf1f7e_JaffaCakes118
    .exe windows:4 windows x86 arch:x86



  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7f27fb2f8604769e3f1416e79e2b660f



  • $_0_/TeamViewer_.exe
    .exe windows:5 windows x86 arch:x86



  • .rsrc/0/version.txt
  • .rsrc/1033/GROUP_ICON/103
  • .rsrc/1033/ICON/1.ico
  • .rsrc/1033/ICON/2.ico
  • .rsrc/1033/ICON/3.ico
  • .rsrc/1033/ICON/4.ico
  • .rsrc/1033/ICON/5.ico
  • .rsrc/1033/ICON/6.ico
  • .rsrc/1033/MANIFEST/1
    .xml
  • UPX1
  • [0]
  • out.upx
    .exe windows:4 windows x86 arch:x86

