Overview

overview

7

Static

static

7

3fd73b3827...0N.exe

windows7-x64

7

3fd73b3827...0N.exe

windows10-2004-x64

7

$PLUGINSDI...64.dll

windows7-x64

3

$PLUGINSDI...64.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$TEMP/Team...AS.exe

windows7-x64

1

$TEMP/Team...AS.exe

windows10-2004-x64

3

$TEMP/Team...TV.dll

windows7-x64

3

$TEMP/Team...TV.dll

windows10-2004-x64

3

$TEMP/Team...er.exe

windows7-x64

7

$TEMP/Team...er.exe

windows10-2004-x64

7

$TEMP/Team...ce.exe

windows7-x64

3

$TEMP/Team...ce.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    3fd73b38270fef6bb5ff9c0540ccb090N.exe

  • Size

    1.5MB

  • MD5

    3fd73b38270fef6bb5ff9c0540ccb090

  • SHA1

    c58586fd304be20d0fc3f68e1153d68d8239fe32

  • SHA256

    d80e6ce989d2fad33ad00b7215e250957fa5ce3cac0695d2e688570fcfdc2cd5

  • SHA512

    c941e6c46ca27451a569f014308cd537d8ed310d5278d83d8314bc635059004fe8245e038e36a1b71cf5d2a9af3187ce0aac16529a3a7036583b0b2a2301d303

  • SSDEEP

    24576:vhVTz8HoYt29z3q+bMDTjXbHg1eJgvFgnUrb/unysgapiEtQ10edtuo4x527Q:XTLY2MDTfMeJkgE7uysgaQEtrktuF52M

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • 3fd73b38270fef6bb5ff9c0540ccb090N.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/Base64.dll
    .dll windows:4 windows x86 arch:x86

    42bb3280d840d5e9acd666bdd5d0c030


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7d39d7b95784d1db8a0e72607b2a86be


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    2457671c10c5aa708d9619798ec0139c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer/Version4/SAS.exe
    .exe windows:4 windows x86 arch:x86

    14bdb3629883611a89edd699bc1a5043


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer/Version4/TV.dll
    .dll windows:4 windows x86 arch:x86

    9e0950b1d35d22b324338ebc95b78c89


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    2ece63c1c6b048f57b1de8a489ad8167


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer/Version4/TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    45db500bcd9747c2cc0b9138686b22ae


    Code Sign

    Headers

    Imports

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections