Overview

overview

7

Static

static

7

TeamViewer...10.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    TeamViewer_Windows_10.7z

  • Size

    14.8MB

  • MD5

    e143400f1d278f43af664b13da6995a9

  • SHA1

    8ff883bad155cdef5ab6043764e9307d394896a4

  • SHA256

    fdcd7221a697376185cce93a0e97a00b49d30dfe1dfa01ba4850f9460877c28d

  • SHA512

    8dd69592e90bbbffda6b61fdcda096f80ff365ba63a8bb00f11e26e4b28dfd3e45208de59e10889d44104328ed97f9c8302ae5fcca7ab96ca6fbb4e1ee9d36b1

  • SSDEEP

    393216:xtkSQ35D/ZsqT/5PIECTvzUteoCdPJxDzBOTXNDymDuk+q:xelvOEC3oCXxDzBolu+

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 32 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • TeamViewer_Windows_10.7z
    .7z

    Password: infected

  • TeamViewer_Windows_10.exe
    .exe windows:4 windows x86 arch:x86

    b78ecf47c0a3e24a6f4af114e2d1f5de


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:5 windows x86 arch:x86

    e2ead63c32d26b2c25186b0affcba83e


    Headers

    Imports

    Exports

    Sections

  • $_4_/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86

    4ea4df5d94204fc550be1874e1b77ea7


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/Base64.dll
    .dll windows:4 windows x86 arch:x86

    ad07268da82afb689855dbfe2dd9f0d2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    e26d7460d0c04056b9226a899477ba4d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    4b45b7e00344a87332fbd12653854d1a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InvokeShellVerb.dll
    .dll windows:4 windows x86 arch:x86

    1dd17c8be9b0761e58bbdf6fc06463e3


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    d806a080e21508dd768fa70be247d2ae


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    3e8d18bb71c7ebbda2ddc2a4bb03547b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Lizenz_TeamViewer_DE_unicode.txt
  • $PLUGINSDIR/Lizenz_TeamViewer_EN_unicode.txt
  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:5 windows x86 arch:x86

    87016a95cad628bc6ef0fdf9dc776ca6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    2a2e0e82c0dc9890f9201e8bd8ecbff2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    e1c0bd3d5b9f3f5cec7ea773ff66ac6e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/advanced_unicode.ini
  • $PLUGINSDIR/dialogsEx.dll
    .dll windows:4 windows x86 arch:x86

    557640b8e9154ea0d56b33592889a90f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/linker.dll
    .dll windows:4 windows x86 arch:x86

    7157cbf6b8ac59151804907639aae079


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsArray.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    0b75f1007d3cc8e457970ae3e3fd53c3


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:4 windows x86 arch:x86

    9c8bb65ecbb91da1f2ebb6ae7a714ed0


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/start_unicode.ini
  • $PLUGINSDIR/wincheck.ini
  • tvfiles.7z
    .7z
  • CopyRights_DE.txt
  • CopyRights_EN.txt
  • Lizenz_TeamViewer_DE_unicode.txt
  • Lizenz_TeamViewer_EN_unicode.txt
  • TeamViewer.exe
    .exe windows:5 windows x86 arch:x86

    cf4d655ed041695b884fd7ce8eed21da


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer12.otf
  • TeamViewer_Desktop.exe
    .exe windows:5 windows x86 arch:x86

    05e33988ec0391c8262d5110408b9898


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Note.exe
    .exe windows:5 windows x86 arch:x86

    8e8204f381b0912cee3a6089c121d79a


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Resource_ar.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_bg.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_cs.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_da.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_de.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_el.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_en.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_es.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_fi.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_fr.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_he.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_hr.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_hu.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_id.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_it.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_ja.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_ko.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_lt.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_nl.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_no.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_pl.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_pt.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_ro.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_ru.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_sk.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_sr.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_sv.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_th.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_tr.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_uk.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_vi.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_zhCN.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_zhTW.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Service.exe
    .exe windows:5 windows x86 arch:x86

    3629b888e9d5b57611ed621e36a66587


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_StaticRes.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • outlook/ManagedAggregator.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • outlook/TeamViewerMeetingAddIn.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • outlook/TeamViewerMeetingAddinShim.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    6576ba052598702104533185b18f144f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • outlook/TeamViewerMeetingAddinShim64.dll
    .dll regsvr32 windows:5 windows x64 arch:x64

    ec247488c863cebb57895436ab269803


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.dll
    .dll windows:5 windows x86 arch:x86

    a077d161ae6ed5f6d18334aa1cc3ddd0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.exe
    .exe windows:5 windows x86 arch:x86

    6959e1e1165ab30563a4e318f829ba1b


    Code Sign

    Headers

    Imports

    Sections

  • tv_x64.dll
    .dll windows:5 windows x64 arch:x64

    58e7de7ac2944a8a58bfd8063614cb66


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_x64.exe
    .exe windows:5 windows x64 arch:x64

    9e19d73b891e1ceaa538e96a858c1a4d


    Code Sign

    Headers

    Imports

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    e2a592076b17ef8bfb48b7e03965a3fc


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    e26d7460d0c04056b9226a899477ba4d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    4b45b7e00344a87332fbd12653854d1a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InvokeShellVerb.dll
    .dll windows:4 windows x86 arch:x86

    1dd17c8be9b0761e58bbdf6fc06463e3


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    d806a080e21508dd768fa70be247d2ae


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:5 windows x86 arch:x86

    87016a95cad628bc6ef0fdf9dc776ca6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    2a2e0e82c0dc9890f9201e8bd8ecbff2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    e1c0bd3d5b9f3f5cec7ea773ff66ac6e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsArray.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    0b75f1007d3cc8e457970ae3e3fd53c3


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsisFirewall.dll
    .dll windows:4 windows x86 arch:x86

    18ecfc7436b69f8c13ec22664f9f1857


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/uninstall_unicode.ini
  • tvfilesx64.7z
    .7z
  • x64/TVMonitor.inf
  • x64/TVMonitor.sy_
    .sys windows:6 windows x64 arch:x64

    bd2fee8a544a1c6656edb847a80a08c5


    Code Sign

    Headers

    Imports

    Sections

  • x64/TVPSPrint.inf
  • x64/TVPrint.inf
  • x64/TeamViewerVPN.inf
  • x64/Teamviewer_PrintProcessor.dll
    .dll windows:6 windows x64 arch:x64

    9d5c88c29c1ab402b3e46bfd592be885


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • x64/teamviewer.gpd
  • x64/teamviewer.ppd
  • x64/teamviewervpn.cat
  • x64/teamviewervpn.sy_
    .sys windows:6 windows x64 arch:x64

    cd6e6e3dfb3a87a73c76cb5d3cdda140


    Code Sign

    Headers

    Imports

    Sections

  • x64/tvmonitor.cat
  • x64/tvprint.cat
  • x64/tvpsprint.cat
  • tvfilesx86.7z
    .7z
  • w2k/TeamViewerVPN.inf
  • w2k/teamviewervpn.sy_
    .sys windows:5 windows x86 arch:x86

    8ec9ec9840080f4331c34221e283917c


    Code Sign

    Headers

    Imports

    Sections

  • x86/TVMonitor.inf
  • x86/TVMonitor.sy_
    .sys windows:6 windows x86 arch:x86

    0a4b1988011b75460fe539769b8577b2


    Code Sign

    Headers

    Imports

    Sections

  • x86/TVPSPrint.inf
  • x86/TVPrint.inf
  • x86/TeamViewerVPN.inf
  • x86/Teamviewer_PrintProcessor.dll
    .dll windows:6 windows x86 arch:x86

    80f0a67352a8694c667e6d5c219098d5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • x86/teamviewer.gpd
  • x86/teamviewer.ppd
  • x86/teamviewervpn.cat
  • x86/teamviewervpn.sy_
    .sys windows:6 windows x86 arch:x86

    952b9ef5a3d8fb9c2ae05f06bb0e783c


    Headers

    Imports

    Sections

  • x86/tvmonitor.cat
  • x86/tvprint.cat
  • x86/tvpsprint.cat