Overview

overview

7

Static

static

7

ded3bca72d...18.exe

windows7-x64

7

ded3bca72d...18.exe

windows10-2004-x64

7

$TEMP/Team...r_.exe

windows7-x64

7

$TEMP/Team...r_.exe

windows10-2004-x64

7

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$TEMP/Team...AS.exe

windows7-x64

1

$TEMP/Team...AS.exe

windows10-2004-x64

3

$TEMP/Team...TV.dll

windows7-x64

3

$TEMP/Team...TV.dll

windows10-2004-x64

3

$TEMP/Team...er.exe

windows7-x64

7

$TEMP/Team...er.exe

windows10-2004-x64

7

$TEMP/Team...ce.exe

windows7-x64

3

$TEMP/Team...ce.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ded3bca72d237bc63f4b66084b9a55ed_JaffaCakes118

  • Size

    1.3MB

  • MD5

    ded3bca72d237bc63f4b66084b9a55ed

  • SHA1

    01a0402a1d7d5b2e88e53c0c2a1f493e40033880

  • SHA256

    a490b23d5f216e56af3004e7b6ff9a44d62adda82e26ea6b2cd275bf53c0b3c4

  • SHA512

    0905c15022adfa34bc70450b59bb7cc332b0a1776130fa46b94bd391212a43aac7f960ef34a8c0ddd25ed7fc7a6787e2cddac2734ad05093ba1fd5a51e4ccae5

  • SSDEEP

    24576:nnii3AFdp1fbjR8s3UlqRoZ/j1IHY81iI3IqQ5F07KlKtuo4x527f:nnihtZjKnqM/j1cIqQ5F07RtuF52z

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • ded3bca72d237bc63f4b66084b9a55ed_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $TEMP/TeamViewer3/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/GetVersion.dll
    .dll windows:4 windows x86 arch:x86

    add11ce79d4925abda7b305cc53287d2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    70dd3dc09a6a9df40b2eeb3eb051c3ff


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer3/SAS.exe
    .exe windows:4 windows x86 arch:x86

    14bdb3629883611a89edd699bc1a5043


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer3/TV.dll
    .dll windows:4 windows x86 arch:x86

    974eefbb2084e8d4e0e7e60176930a94


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer3/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    433d36162ff930da7ecc026b5505d9ab


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer3/TeamViewer.ini
  • $TEMP/TeamViewer3/TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    cef7955b9618343864b3367f3754899a


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer3/logo.bmp
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections