Overview

overview

7

Static

static

7

0b674bd3eb...18.exe

windows7-x64

7

0b674bd3eb...18.exe

windows10-2004-x64

7

$TEMP/Team...r_.exe

windows7-x64

7

$TEMP/Team...r_.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$TEMP/Team...AS.exe

windows7-x64

1

$TEMP/Team...AS.exe

windows10-2004-x64

1

$TEMP/Team...TV.dll

windows7-x64

1

$TEMP/Team...TV.dll

windows10-2004-x64

3

$TEMP/Team...er.exe

windows7-x64

7

$TEMP/Team...er.exe

windows10-2004-x64

7

$TEMP/Team...ce.exe

windows7-x64

1

$TEMP/Team...ce.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    0b674bd3eb51dc919d1d73a2077e1a48_JaffaCakes118

  • Size

    1.5MB

  • MD5

    0b674bd3eb51dc919d1d73a2077e1a48

  • SHA1

    53bf1fe7c6f2133b0e23a1b2dcb96b569fd77e37

  • SHA256

    4710ec0c8dc2090c0ab4f4effb503bc318c54ae51febfbd0f8f3722925b61486

  • SHA512

    97c2edbc89d7570df4c3bb0355a4505917bcd2da117b38c22f8e923176ca69ad998e55201bdeddc8eddb2360e4778a57fbf64f4af6b0a68fc40484d02e121440

  • SSDEEP

    24576:j2njEFW/SL0drqNWhzImvifsfEjK7PKPP+EbHMHus3ufK7fura6tuo4x527c:6ngrwdrqIhzImvi0sFPP+EB1jtuF524

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • 0b674bd3eb51dc919d1d73a2077e1a48_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7d39d7b95784d1db8a0e72607b2a86be


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    70dd3dc09a6a9df40b2eeb3eb051c3ff


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer/Version4/SAS.exe
    .exe windows:4 windows x86 arch:x86

    14bdb3629883611a89edd699bc1a5043


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer/Version4/TV.dll
    .dll windows:4 windows x86 arch:x86

    9e0950b1d35d22b324338ebc95b78c89


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    cda354dce2aec73533b4d9bfd346ca5d


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer.ini
  • $TEMP/TeamViewer/Version4/TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    45db500bcd9747c2cc0b9138686b22ae


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer/Version4/logo.bmp
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections