Overview

overview

7

Static

static

5

07294b60a1...18.exe

windows7-x64

7

07294b60a1...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ta.dll

windows7-x64

3

$PLUGINSDI...ta.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

TeamViewer.exe

windows7-x64

7

TeamViewer.exe

windows10-2004-x64

7

TeamViewer...op.exe

windows7-x64

3

TeamViewer...op.exe

windows10-2004-x64

3

TeamViewer...en.dll

windows7-x64

1

TeamViewer...en.dll

windows10-2004-x64

1

TeamViewer...ce.exe

windows7-x64

3

TeamViewer...ce.exe

windows10-2004-x64

3

TeamViewer...es.dll

windows7-x64

1

TeamViewer...es.dll

windows10-2004-x64

1

tv_w32.dll

windows7-x64

3

tv_w32.dll

windows10-2004-x64

3

tv_w32.exe

windows7-x64

3

tv_w32.exe

windows10-2004-x64

3

tv_x64.dll

windows7-x64

1

tv_x64.dll

windows10-2004-x64

1

tv_x64.exe

windows7-x64

1

tv_x64.exe

windows10-2004-x64

1

x64/TVMonitor.sys

windows7-x64

1

x64/TVMonitor.sys

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    07294b60a1f0b3d82d215d1ff41756b9_JaffaCakes118

  • Size

    2.9MB

  • MD5

    07294b60a1f0b3d82d215d1ff41756b9

  • SHA1

    6f2b4a44f7a85933c7b6546c24690c43a42ae1a9

  • SHA256

    3cd1dff654d87a676d02afd5ccd492fcb606f26fd993fa87f4692c63d5709cfd

  • SHA512

    dbb3b822d42fe06b0bcebe7cbc5cf60213be6cfa95ad2e8423b20daa98a3eb73528a050b4a3d7088100814a991c8e19523f802aed3d3c2b85180cee934f31a69

  • SSDEEP

    49152:mEN6oZDhMcToUcHx0ZrKSrseqPs4OB8ecNifpf0a7YPb/lIKftzDKtj36:NNjDhMOoUcHSr2s4OB+Mt0BT/lIKftI

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • 07294b60a1f0b3d82d215d1ff41756b9_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ReadCustomerData.dll
    .dll windows:4 windows x86 arch:x86

    d29e408dd9048e10d5936c6f2bfca832


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/TvGetVersion.dll
    .dll windows:4 windows x86 arch:x86

    7f27fb2f8604769e3f1416e79e2b660f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:4 windows x86 arch:x86

    b22ed27c346f001ed1b4410c1073cfa9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/wincheck.ini
  • $_2_/tvqsfiles.7z
    .7z
  • TeamViewer.exe
    .exe windows:5 windows x86 arch:x86

    f6e72ae7bc091ffa9e18ef49ede11c96


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Desktop.exe
    .exe windows:5 windows x86 arch:x86

    de8b218615d3a6d615cedf7273b2fb7b


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_Resource_en.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • TeamViewer_Service.exe
    .exe windows:5 windows x86 arch:x86

    3d195209ce847960d828e89eb51485a4


    Code Sign

    Headers

    Imports

    Sections

  • TeamViewer_StaticRes.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • tv_w32.dll
    .dll windows:5 windows x86 arch:x86

    2ca28be43421dd21ac4263087f72f259


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_w32.exe
    .exe windows:5 windows x86 arch:x86

    50a1bd551f06f6cf63b0687e32d02be5


    Code Sign

    Headers

    Imports

    Sections

  • tv_x64.dll
    .dll windows:5 windows x64 arch:x64

    4ddc3c35228a7a7ce89029d91ef1da7b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • tv_x64.exe
    .exe windows:5 windows x64 arch:x64

    2c5c62562658e3dcbc628c79afc9f4a7


    Code Sign

    Headers

    Imports

    Sections

  • x64/TVMonitor.inf
  • x64/TVMonitor.sys
    .sys windows:6 windows x64 arch:x64

    f24b69173de020aa0ac1739d7b40e04c


    Code Sign

    Headers

    Imports

    Sections

  • x64/tvmonitor.cat
  • x86/TVMonitor.inf
  • x86/TVMonitor.sys
    .sys windows:6 windows x86 arch:x86

    bc06eb1dad5e8285411e580cdee99e10


    Code Sign

    Headers

    Imports

    Sections

  • x86/tvmonitor.cat
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections