Overview

overview

7

Static

static

7

acb1ab0fee...18.exe

windows7-x64

7

acb1ab0fee...18.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...ta.dll

windows7-x64

3

$PLUGINSDI...ta.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

TeamViewer.exe

windows7-x64

7

TeamViewer.exe

windows10-2004-x64

7

TeamViewer...op.exe

windows7-x64

3

TeamViewer...op.exe

windows10-2004-x64

3

TeamViewer...en.dll

windows7-x64

1

TeamViewer...en.dll

windows10-2004-x64

1

TeamViewer...ce.exe

windows7-x64

1

TeamViewer...ce.exe

windows10-2004-x64

1

tv_w32.dll

windows7-x64

1

tv_w32.dll

windows10-2004-x64

1

tv_w32.exe

windows7-x64

1

tv_w32.exe

windows10-2004-x64

1

tv_x64.dll

windows7-x64

1

tv_x64.dll

windows10-2004-x64

1

tv_x64.exe

windows7-x64

1

tv_x64.exe

windows10-2004-x64

1

x64/TVMonitor.sys

windows7-x64

1

x64/TVMonitor.sys

windows10-2004-x64

1

x86/TVMonitor.sys

windows7-x64

1

x86/TVMonitor.sys

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    acb1ab0fee51336e029e7877c4dfbb81_JaffaCakes118

  • Size

    2.7MB

  • MD5

    acb1ab0fee51336e029e7877c4dfbb81

  • SHA1

    88d669224efa611c508d73080cbbc90050c2bca4

  • SHA256

    dd3e6ac9669ac039fbeda1e19d3bf65c9c13f01d548a9b4bda011e9b60af91c0

  • SHA512

    de5c0f4ac4e0d761e93c57c7176498c924a6b76d5c43e68110df461ae3d07c78032e28e5615d2a82b325aa39800d5b1e5e5a9c1eea2bef09b22c0260548f88e6

  • SSDEEP

    49152:hhQ5ZfvgYduvSpqSzER94C0dtNnPhysZFASCn/AftXM3yQJvUBI9da:hm4vCjXpnZIBCtX1+AIC

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • acb1ab0fee51336e029e7877c4dfbb81_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ReadCustomerData.dll
    .dll windows:4 windows x86 arch:x86

    d29e408dd9048e10d5936c6f2bfca832


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    88d67657017b9d8004b8a2d8a16f30a6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:4 windows x86 arch:x86

    b22ed27c346f001ed1b4410c1073cfa9


    Headers

    Imports

    Exports

    Sections

  • $_0_/tvqsfiles.7z
    .7z
  • TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    d0fed9b55f7ed8441eeb0e3248f0601a


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Desktop.exe
    .exe windows:4 windows x86 arch:x86

    1914baeb72d137b9190e43e6ba5cda45


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Resource_en.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    d65b9f360d4f27f3af7bb12f9b2b2af7


    Code Sign

    Headers

    Imports

    Sections

  • tv_w32.dll
    .dll windows:4 windows x86 arch:x86

    798ed578c45b3498ce7896558c5e55e0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.exe
    .exe windows:4 windows x86 arch:x86

    68da36c705041bcb516a1b6caabad0aa


    Code Sign

    Headers

    Imports

    Sections

  • tv_x64.dll
    .dll windows:4 windows x64 arch:x64

    09c5b20b66e0f7caa44c28dfae2d9a8d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_x64.exe
    .exe windows:4 windows x64 arch:x64

    fe0ec5a2a04130d9900b2dd133a00d2b


    Code Sign

    Headers

    Imports

    Sections

  • x64/TVMonitor.inf
  • x64/TVMonitor.sys
    .sys windows:6 windows x64 arch:x64

    f24b69173de020aa0ac1739d7b40e04c


    Code Sign

    Headers

    Imports

    Sections

  • x64/tvmonitor.cat
  • x86/TVMonitor.inf
  • x86/TVMonitor.sys
    .sys windows:6 windows x86 arch:x86

    bc06eb1dad5e8285411e580cdee99e10


    Code Sign

    Headers

    Imports

    Sections

  • x86/tvmonitor.cat
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections