Overview

overview

7

Static

static

7

84e6007444...18.exe

windows7-x64

7

84e6007444...18.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...ta.dll

windows7-x64

3

$PLUGINSDI...ta.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

TeamViewer.exe

windows7-x64

7

TeamViewer.exe

windows10-2004-x64

7

TeamViewer...op.exe

windows7-x64

3

TeamViewer...op.exe

windows10-2004-x64

3

TeamViewer...fr.dll

windows7-x64

1

TeamViewer...fr.dll

windows10-2004-x64

1

TeamViewer...ce.exe

windows7-x64

1

TeamViewer...ce.exe

windows10-2004-x64

1

tv_w32.dll

windows7-x64

1

tv_w32.dll

windows10-2004-x64

1

tv_w32.exe

windows7-x64

1

tv_w32.exe

windows10-2004-x64

1

tv_x64.dll

windows7-x64

1

tv_x64.dll

windows10-2004-x64

1

tv_x64.exe

windows7-x64

1

tv_x64.exe

windows10-2004-x64

1

x64/TVMonitor.sys

windows7-x64

1

x64/TVMonitor.sys

windows10-2004-x64

1

x86/TVMonitor.sys

windows7-x64

1

x86/TVMonitor.sys

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    84e60074447c20380bcdcb7f29e0c6d5_JaffaCakes118

  • Size

    2.6MB

  • MD5

    84e60074447c20380bcdcb7f29e0c6d5

  • SHA1

    d4ac2183c7984c98d4355e83a0744f2077570c7d

  • SHA256

    6f7e7bfb3dd30e8489949a4a79e72dd8ed22b1378af65a68ce917b2dbb133195

  • SHA512

    6492c215db60c33a06a7b0fbd179755e49f02206f9097f3c6d7191a3dc31c14bb692dee1dcf50d4ab0e41bcec17f16249ec17ebce84454de06103a7d4d992a48

  • SSDEEP

    49152:gBfCWMx15JI0ElKLwN3cuc9B63eDlMLtDfNz4Z9UFXAmqju2ZzSY9t1TYeca:g9yvIswNsho3IAtDk9YwZVl3lTYeca

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • 84e60074447c20380bcdcb7f29e0c6d5_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ReadCustomerData.dll
    .dll windows:4 windows x86 arch:x86

    d29e408dd9048e10d5936c6f2bfca832


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7f27fb2f8604769e3f1416e79e2b660f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:4 windows x86 arch:x86

    b22ed27c346f001ed1b4410c1073cfa9


    Headers

    Imports

    Exports

    Sections

  • $_0_/tvqsfiles.7z
    .7z
  • TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    24f1fe7e4e5f2f487286637f0f947df4


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Desktop.exe
    .exe windows:4 windows x86 arch:x86

    e8e563a8771846451eb317fb6b00dbde


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Resource_fr.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    6167b09ae7ae2d6b2a739149ea584308


    Code Sign

    Headers

    Imports

    Sections

  • tv_w32.dll
    .dll windows:4 windows x86 arch:x86

    798ed578c45b3498ce7896558c5e55e0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.exe
    .exe windows:4 windows x86 arch:x86

    68da36c705041bcb516a1b6caabad0aa


    Code Sign

    Headers

    Imports

    Sections

  • tv_x64.dll
    .dll windows:4 windows x64 arch:x64

    09c5b20b66e0f7caa44c28dfae2d9a8d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_x64.exe
    .exe windows:4 windows x64 arch:x64

    fe0ec5a2a04130d9900b2dd133a00d2b


    Code Sign

    Headers

    Imports

    Sections

  • x64/TVMonitor.inf
  • x64/TVMonitor.sys
    .sys windows:6 windows x64 arch:x64

    f24b69173de020aa0ac1739d7b40e04c


    Code Sign

    Headers

    Imports

    Sections

  • x64/tvmonitor.cat
  • x86/TVMonitor.inf
  • x86/TVMonitor.sys
    .sys windows:6 windows x86 arch:x86

    bc06eb1dad5e8285411e580cdee99e10


    Code Sign

    Headers

    Imports

    Sections

  • x86/tvmonitor.cat
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections