Overview

overview

7

Static

static

7

2bc872ee73...18.exe

windows7-x64

7

2bc872ee73...18.exe

windows10-2004-x64

7

$DESKTOP/t...AS.exe

windows7-x64

1

$DESKTOP/t...AS.exe

windows10-2004-x64

1

$DESKTOP/t...TV.dll

windows7-x64

3

$DESKTOP/t...TV.dll

windows10-2004-x64

3

$DESKTOP/t...er.exe

windows7-x64

7

$DESKTOP/t...er.exe

windows10-2004-x64

7

$DESKTOP/t...st.exe

windows7-x64

1

$DESKTOP/t...st.exe

windows10-2004-x64

1

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2bc872ee73cfa68648e5007dc8a462e6_JaffaCakes118

  • Size

    1.0MB

  • MD5

    2bc872ee73cfa68648e5007dc8a462e6

  • SHA1

    116923f9d18d4a03766d20bf3db682a9e5c13791

  • SHA256

    db3f65ee427a03c464d52a7f9272a7e3b6ae24a10b18db153d0380b593f7bfea

  • SHA512

    c89acd06ce030de92044a418513a49d09b446e2bab629d427d36d6ff324cb3e4c63d97534d3aeab65571bfc351983c1b707219b2003fa859cfda05d78d0ce7d6

  • SSDEEP

    24576:Ln53RlQ1TKhP0FuzMavRww5iNeqHcCpziPXyuFUolfubdcSUx:Ln53RO1y0FuzXvRt5iseWPxloOS+

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • 2bc872ee73cfa68648e5007dc8a462e6_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $DESKTOP/temp/TeamViewer3/SAS.exe
    .exe windows:4 windows x86 arch:x86

    14bdb3629883611a89edd699bc1a5043


    Code Sign

    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/TV.dll
    .dll windows:4 windows x86 arch:x86

    974eefbb2084e8d4e0e7e60176930a94


    Headers

    Imports

    Exports

    Sections

  • $DESKTOP/temp/TeamViewer3/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    c67edf531bdc750370ea2ec071cb0cfa


    Code Sign

    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/TeamViewer.ini
  • $DESKTOP/temp/TeamViewer3/TeamViewer_Host.exe
    .exe windows:4 windows x86 arch:x86

    cef7955b9618343864b3367f3754899a


    Code Sign

    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/logo.bmp
  • $PLUGINSDIR/GetVersion.dll
    .dll windows:4 windows x86 arch:x86

    add11ce79d4925abda7b305cc53287d2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    70dd3dc09a6a9df40b2eeb3eb051c3ff


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections