Overview

overview

7

Static

static

7

f063da33dc...18.exe

windows7-x64

7

f063da33dc...18.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

TeamViewer.exe

windows7-x64

7

TeamViewer.exe

windows10-2004-x64

7

TeamViewer...op.exe

windows7-x64

3

TeamViewer...op.exe

windows10-2004-x64

3

TeamViewer...ar.dll

windows7-x64

1

TeamViewer...ar.dll

windows10-2004-x64

1

TeamViewer...bg.dll

windows7-x64

1

TeamViewer...bg.dll

windows10-2004-x64

1

TeamViewer...cs.dll

windows7-x64

1

TeamViewer...cs.dll

windows10-2004-x64

1

TeamViewer...da.dll

windows7-x64

1

TeamViewer...da.dll

windows10-2004-x64

1

TeamViewer...de.dll

windows7-x64

1

TeamViewer...de.dll

windows10-2004-x64

1

TeamViewer...el.dll

windows7-x64

1

TeamViewer...el.dll

windows10-2004-x64

1

TeamViewer...en.dll

windows7-x64

1

TeamViewer...en.dll

windows10-2004-x64

1

TeamViewer...es.dll

windows7-x64

1

TeamViewer...es.dll

windows10-2004-x64

1

TeamViewer...fi.dll

windows7-x64

1

TeamViewer...fi.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    f063da33dc162f90e4682df35e8ae86c_JaffaCakes118

  • Size

    3.3MB

  • MD5

    f063da33dc162f90e4682df35e8ae86c

  • SHA1

    3f66d06ec48d6c0a794d4b477f1ced4723cd68b4

  • SHA256

    490879a102badcbb29854a4c4b7b16c12585f464e5cd9396c37b24eba04a2bdf

  • SHA512

    0effe0a70baa4ca6060635087011d78354f53be0e10ced5dd3e12b0152db49ffd67f99563d3c18019c3eb9f95e4d58568b923e7e1b701fb71252b1c8c415c82a

  • SSDEEP

    98304:R1bTjypnPlU+MGYcX2z6g2uZPRt6A63O3ly92pbFeFs:RI3YchgJ9RtkGmWbFv

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • f063da33dc162f90e4682df35e8ae86c_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7f27fb2f8604769e3f1416e79e2b660f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:4 windows x86 arch:x86

    b22ed27c346f001ed1b4410c1073cfa9


    Headers

    Imports

    Exports

    Sections

  • $_0_/tvqsfiles.7z
    .7z
  • TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    329a6075c140c50717012b6a3fd12401


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Desktop.exe
    .exe windows:4 windows x86 arch:x86

    44d379114588a09389c246b3ed2cf712


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Resource_ar.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_bg.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_cs.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_da.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_de.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_el.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_en.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_es.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_fi.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_fr.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_he.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_hr.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_hu.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_id.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_it.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_ja.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_ko.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_lt.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_nl.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_no.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_pl.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_pt.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_ro.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_ru.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_sk.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_sr.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_sv.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_th.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_tr.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_uk.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_vi.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_zhCN.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Resource_zhTW.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    30f540769d41bcf3c0ec605a3b674e29


    Code Sign

    Headers

    Imports

    Sections

  • tv_w32.dll
    .dll windows:4 windows x86 arch:x86

    798ed578c45b3498ce7896558c5e55e0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.exe
    .exe windows:4 windows x86 arch:x86

    68da36c705041bcb516a1b6caabad0aa


    Code Sign

    Headers

    Imports

    Sections

  • tv_x64.dll
    .dll windows:4 windows x64 arch:x64

    09c5b20b66e0f7caa44c28dfae2d9a8d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_x64.exe
    .exe windows:4 windows x64 arch:x64

    fe0ec5a2a04130d9900b2dd133a00d2b


    Code Sign

    Headers

    Imports

    Sections

  • x64/TVMonitor.inf
  • x64/TVMonitor.sys
    .sys windows:6 windows x64 arch:x64

    f24b69173de020aa0ac1739d7b40e04c


    Code Sign

    Headers

    Imports

    Sections

  • x64/tvmonitor.cat
  • x86/TVMonitor.inf
  • x86/TVMonitor.sys
    .sys windows:6 windows x86 arch:x86

    bc06eb1dad5e8285411e580cdee99e10


    Code Sign

    Headers

    Imports

    Sections

  • x86/tvmonitor.cat
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections