Overview

overview

7

Static

static

7

5e60962a90...18.exe

windows7-x64

7

5e60962a90...18.exe

windows10-2004-x64

7

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$_0_/TeamViewer_.exe

windows7-x64

7

$_0_/TeamViewer_.exe

windows10-2004-x64

7

$EXEDIR/TV.dll

windows7-x64

1

$EXEDIR/TV.dll

windows10-2004-x64

3

$EXEDIR/Te...er.exe

windows7-x64

7

$EXEDIR/Te...er.exe

windows10-2004-x64

7

$EXEDIR/Te...op.exe

windows7-x64

3

$EXEDIR/Te...op.exe

windows10-2004-x64

3

$EXEDIR/Te...en.dll

windows7-x64

1

$EXEDIR/Te...en.dll

windows10-2004-x64

1

$EXEDIR/Te...ce.exe

windows7-x64

1

$EXEDIR/Te...ce.exe

windows10-2004-x64

1

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e60962a90e8c71cd4b00d2e27fb0e4c_JaffaCakes118

  • Size

    2.7MB

  • MD5

    5e60962a90e8c71cd4b00d2e27fb0e4c

  • SHA1

    5d10e0492a6b5d563b747e2f9d8969eab6b81ee3

  • SHA256

    139dfc982c364514d76ed2542923f646d95a5ef3fc11bafea76cd4baa645174c

  • SHA512

    4da435c1afc5fe4e77274b2d407b7ac9fda1494243ca0693ca8193de7071136aa702f6902bda4e064ddd61e0d9db0d2714f4953e247c20316b3c271d7f60ed11

  • SSDEEP

    49152:yftA2eEwrpK5Kh7v9XFEYtVzAN+5jvURCndyWLhdndhDtr7It6FfTYi5iARVVpw7:yftveFpvh7v9V/tVcN+5ZhVdhpr7LF7M

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 5e60962a90e8c71cd4b00d2e27fb0e4c_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    a147e98bc4c8de2e7a562af6dc54045c


    Headers

    Imports

    Exports

    Sections

  • $_0_/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $EXEDIR/TV.dll
    .dll windows:4 windows x86 arch:x86

    05692b5533cab7ba99d5ebc863276c4d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $EXEDIR/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    c24d6897799ac1bdb0cfcf8a76ed55fc


    Code Sign

    Headers

    Imports

    Sections

  • $EXEDIR/TeamViewer.ini
  • $EXEDIR/TeamViewer_Desktop.exe
    .exe windows:4 windows x86 arch:x86

    07ea98f4e07eafe92328d9e513829dd2


    Code Sign

    Headers

    Imports

    Sections

  • $EXEDIR/TeamViewer_Resource_en.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $EXEDIR/TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    075c20e9a75435ef05fc9fc71aee01e7


    Code Sign

    Headers

    Imports

    Sections

  • $EXEDIR/logo.bmp
  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections