Overview

overview

7

Static

static

7

0ceee6147c...18.exe

windows7-x64

3

0ceee6147c...18.exe

windows10-2004-x64

3

$TEMP/Team...r_.exe

windows7-x64

7

$TEMP/Team...r_.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$TEMP/Team...AS.exe

windows7-x64

1

$TEMP/Team...AS.exe

windows10-2004-x64

1

$TEMP/Team...TV.dll

windows7-x64

1

$TEMP/Team...TV.dll

windows10-2004-x64

3

$TEMP/Team...er.exe

windows7-x64

7

$TEMP/Team...er.exe

windows10-2004-x64

7

$TEMP/Team...ce.exe

windows7-x64

1

$TEMP/Team...ce.exe

windows10-2004-x64

1

$TEMP/Team...en.dll

windows7-x64

1

$TEMP/Team...en.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    0ceee6147c4d4439c4d5330887a1eb9a_JaffaCakes118

  • Size

    1.4MB

  • MD5

    0ceee6147c4d4439c4d5330887a1eb9a

  • SHA1

    47c98f35f800e52cf9a507737c8b4b4122cfc2ac

  • SHA256

    5f9426778fdd047e83eb2326d6c6a7ba0efdb3b51265d275a726797b801cbe9a

  • SHA512

    4b50d7a92ca5574edcde9ed85c3e9afbc5d59117f874ebbb69b6f041f3ee22f1753db03152834d264ea2aa4039b067f2fa4a86cdb892690ddf77282fb95f96bc

  • SSDEEP

    24576:2gei7oxEI8Mvs08M6HvITqQZIrS5J1OhQAgbGrpw+A+uiTzY67lhwdqi77UqGb5u:wi7F6Z6HATcr+YQvGre+A+fzY6lh2BU6

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • 0ceee6147c4d4439c4d5330887a1eb9a_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7d39d7b95784d1db8a0e72607b2a86be


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    70dd3dc09a6a9df40b2eeb3eb051c3ff


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer/Version4/SAS.exe
    .exe windows:4 windows x86 arch:x86

    3a185b08fc1b907727e1e8ee4170f949


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer/Version4/TV.dll
    .dll windows:4 windows x86 arch:x86

    0d38fedce961399a2d925e514e8e2948


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    17366c4e3db759cbdf734fe0ff5b9a63


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer.ini
  • $TEMP/TeamViewer/Version4/TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    5e356decea39db8d332b9ef26f795381


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer_resource_en.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $TEMP/TeamViewer/Version4/logo.bmp
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections