Overview

overview

7

Static

static

7

5c9d9f1d8a...0N.exe

windows7-x64

1

5c9d9f1d8a...0N.exe

windows10-2004-x64

3

$DESKTOP/t...r_.exe

windows7-x64

7

$DESKTOP/t...r_.exe

windows10-2004-x64

7

$DESKTOP/t...AS.exe

windows7-x64

1

$DESKTOP/t...AS.exe

windows10-2004-x64

3

$DESKTOP/t...TV.dll

windows7-x64

3

$DESKTOP/t...TV.dll

windows10-2004-x64

3

$DESKTOP/t...er.exe

windows7-x64

7

$DESKTOP/t...er.exe

windows10-2004-x64

7

$DESKTOP/t...st.exe

windows7-x64

1

$DESKTOP/t...st.exe

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    5c9d9f1d8a9d721dc98cfcf20f62f5b0N

  • Size

    1003KB

  • MD5

    5c9d9f1d8a9d721dc98cfcf20f62f5b0

  • SHA1

    f506852469c363b8e86010d85c9f979c795bbb50

  • SHA256

    995c9ce4c7efd30229bd1d807309d357bb49bc88d97bd3c8a4987bf5a410fbf3

  • SHA512

    2d27bbc87e810c07d63998834193e850d3b5da7889fd48ad3aeba5fd32ff30b166867192b831a1e0ade0827744526dcd8fb4536e5efbd78cd7d46e1bc774c99b

  • SSDEEP

    24576:cnpMNiy5cS0mz1IOL/BqhJtGr3bxDLwR5LXRXafZ6bt6B9a:cnIi4cozVgtGr3bBLW5LB86eE

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • 5c9d9f1d8a9d721dc98cfcf20f62f5b0N
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • $DESKTOP/temp/TeamViewer3/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $DESKTOP/temp/TeamViewer3/SAS.exe
    .exe windows:4 windows x86 arch:x86

    14bdb3629883611a89edd699bc1a5043


    Code Sign

    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/TV.dll
    .dll windows:4 windows x86 arch:x86

    2fc47df7b965c898518d83f04434b280


    Headers

    Imports

    Exports

    Sections

  • $DESKTOP/temp/TeamViewer3/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    4e1d8fb7632986327fd8e81fe6cfe256


    Code Sign

    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/TeamViewer.ini
  • $DESKTOP/temp/TeamViewer3/TeamViewer_Host.exe
    .exe windows:4 windows x86 arch:x86

    2a4c9f7629b1ebe525727542b794f90f


    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/logo.bmp
  • $PLUGINSDIR/GetVersion.dll
    .dll windows:4 windows x86 arch:x86

    add11ce79d4925abda7b305cc53287d2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    70dd3dc09a6a9df40b2eeb3eb051c3ff


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections