Overview

overview

7

Static

static

7

d255b7d103...18.exe

windows7-x64

7

d255b7d103...18.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...ta.dll

windows7-x64

3

$PLUGINSDI...ta.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

TeamViewer.exe

windows7-x64

7

TeamViewer.exe

windows10-2004-x64

7

TeamViewer...op.exe

windows7-x64

3

TeamViewer...op.exe

windows10-2004-x64

3

TeamViewer...fr.dll

windows7-x64

1

TeamViewer...fr.dll

windows10-2004-x64

1

TeamViewer...ce.exe

windows7-x64

3

TeamViewer...ce.exe

windows10-2004-x64

3

tv_w32.dll

windows7-x64

3

tv_w32.dll

windows10-2004-x64

3

tv_w32.exe

windows7-x64

3

tv_w32.exe

windows10-2004-x64

3

tv_x64.dll

windows7-x64

1

tv_x64.dll

windows10-2004-x64

1

tv_x64.exe

windows7-x64

1

tv_x64.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d255b7d1030974c6e5cd7da6f956805c_JaffaCakes118

  • Size

    2.7MB

  • MD5

    d255b7d1030974c6e5cd7da6f956805c

  • SHA1

    e4c20fe519b1c213458389c26e2aa53cd7d002ba

  • SHA256

    b0fe5e9cc5e5529bf71dfd6818c259983a51f2f17960a91736bbacc065403e18

  • SHA512

    a48034ef8afc1d8951c8a4645881a2edff01aca01ae4228e027b1d6170c07e2425a92ae1c6d7cce086547d7860cb51d9cb2698ab3bd3e40f41c5e7e475eb54f8

  • SSDEEP

    49152:pcbXc7MoGjIuNOxhL7XGypGf32BXV7YxMnih6eLeRB6NCINY6b5CYO:py+OOxhL72lf32F8Mnis255CD

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • d255b7d1030974c6e5cd7da6f956805c_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ReadCustomerData.dll
    .dll windows:4 windows x86 arch:x86

    d29e408dd9048e10d5936c6f2bfca832


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    88d67657017b9d8004b8a2d8a16f30a6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:4 windows x86 arch:x86

    b22ed27c346f001ed1b4410c1073cfa9


    Headers

    Imports

    Exports

    Sections

  • $_0_/tvqjfiles.7z
    .7z
  • TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    7952882b6bc06c9509f64238664bd6ff


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Desktop.exe
    .exe windows:4 windows x86 arch:x86

    8942f831512ad2679bed4181c924a837


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Resource_fr.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    d65b9f360d4f27f3af7bb12f9b2b2af7


    Code Sign

    Headers

    Imports

    Sections

  • tv_w32.dll
    .dll windows:4 windows x86 arch:x86

    798ed578c45b3498ce7896558c5e55e0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.exe
    .exe windows:4 windows x86 arch:x86

    68da36c705041bcb516a1b6caabad0aa


    Code Sign

    Headers

    Imports

    Sections

  • tv_x64.dll
    .dll windows:4 windows x64 arch:x64

    09c5b20b66e0f7caa44c28dfae2d9a8d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_x64.exe
    .exe windows:4 windows x64 arch:x64

    fe0ec5a2a04130d9900b2dd133a00d2b


    Code Sign

    Headers

    Imports

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections