Overview

overview

7

Static

static

7

d21c8a5a2c...18.exe

windows7-x64

7

d21c8a5a2c...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ta.dll

windows7-x64

3

$PLUGINSDI...ta.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

TeamViewer.exe

windows7-x64

7

TeamViewer.exe

windows10-2004-x64

7

TeamViewer...op.exe

windows7-x64

3

TeamViewer...op.exe

windows10-2004-x64

3

TeamViewer...de.dll

windows7-x64

1

TeamViewer...de.dll

windows10-2004-x64

1

TeamViewer...ce.exe

windows7-x64

3

TeamViewer...ce.exe

windows10-2004-x64

3

TeamViewer...es.dll

windows7-x64

1

TeamViewer...es.dll

windows10-2004-x64

1

tv_w32.dll

windows7-x64

3

tv_w32.dll

windows10-2004-x64

3

tv_w32.exe

windows7-x64

3

tv_w32.exe

windows10-2004-x64

3

tv_x64.dll

windows7-x64

1

tv_x64.dll

windows10-2004-x64

1

tv_x64.exe

windows7-x64

1

tv_x64.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    d21c8a5a2cfd2cea8b82e2f59c327861_JaffaCakes118

  • Size

    3.0MB

  • MD5

    d21c8a5a2cfd2cea8b82e2f59c327861

  • SHA1

    d19b49d0a047fc3a19dcacfdce6651e500fc9afb

  • SHA256

    2484a5bd9767baa2152f3f519a926cac770ea913e021da673a48aa0c1f69f73d

  • SHA512

    9ed4c3cd82bf91726b4120677fe2f04b6bcc14743cd662b53edb5dcd6c13d763f84755e8713c0fb4b86098f81023b12dea5f96764be9e2909e478bf227ce9366

  • SSDEEP

    49152:gmS2s3D+9T0kg3ykVvWDco+E4uZH2NCG0sag6tSjlKV2gfcB2BjOrce/KGJe/AJ:r0OSdhEna0jhSjlE6qeV

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • d21c8a5a2cfd2cea8b82e2f59c327861_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ReadCustomerData.dll
    .dll windows:4 windows x86 arch:x86

    d29e408dd9048e10d5936c6f2bfca832


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    88d67657017b9d8004b8a2d8a16f30a6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:4 windows x86 arch:x86

    b22ed27c346f001ed1b4410c1073cfa9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/wincheck.ini
  • $_2_/tvqsfiles.7z
    .7z
  • TeamViewer.exe
    .exe windows:5 windows x86 arch:x86

    06ff1b63b833db0a9e6fcdb280057163


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Desktop.exe
    .exe windows:5 windows x86 arch:x86

    a8a7799a0300a0e639e26eb9d35b7df2


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Resource_de.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Service.exe
    .exe windows:5 windows x86 arch:x86

    16390213abc6fd8bbe87e56bd0a98b21


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_StaticRes.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • tv_w32.dll
    .dll windows:5 windows x86 arch:x86

    714e5bc40dee78cd885497d6a83a0771


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.exe
    .exe windows:5 windows x86 arch:x86

    50a1bd551f06f6cf63b0687e32d02be5


    Code Sign

    Headers

    Imports

    Sections

  • tv_x64.dll
    .dll windows:5 windows x64 arch:x64

    2b7e8ea5f94b83a0c345d3ae26628b16


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_x64.exe
    .exe windows:5 windows x64 arch:x64

    2c5c62562658e3dcbc628c79afc9f4a7


    Code Sign

    Headers

    Imports

    Sections

  • $_2_/tvqsfilesx64.7z
    .7z
  • x64/TVMonitor.inf
  • x64/TVMonitor.sy_
    .sys windows:6 windows x64 arch:x64

    f24b69173de020aa0ac1739d7b40e04c


    Code Sign

    Headers

    Imports

    Sections

  • x64/tvmonitor.cat
  • $_2_/tvqsfilesx86.7z
    .7z
  • x86/TVMonitor.inf
  • x86/TVMonitor.sy_
    .sys windows:6 windows x86 arch:x86

    bc06eb1dad5e8285411e580cdee99e10


    Code Sign

    Headers

    Imports

    Sections

  • x86/tvmonitor.cat
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections