Overview

overview

7

Static

static

5

0d5218237a...18.exe

windows7-x64

7

0d5218237a...18.exe

windows10-2004-x64

7

$TEMP/Team...r_.exe

windows7-x64

7

$TEMP/Team...r_.exe

windows10-2004-x64

7

$PLUGINSDI...64.dll

windows7-x64

3

$PLUGINSDI...64.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$TEMP/Team...AS.exe

windows7-x64

1

$TEMP/Team...AS.exe

windows10-2004-x64

3

$TEMP/Team...TV.dll

windows7-x64

3

$TEMP/Team...TV.dll

windows10-2004-x64

3

$TEMP/Team...er.exe

windows7-x64

7

$TEMP/Team...er.exe

windows10-2004-x64

7

$TEMP/Team...ce.exe

windows7-x64

3

$TEMP/Team...ce.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    0d5218237ad1c135f412e5b1831e9049_JaffaCakes118

  • Size

    1.3MB

  • MD5

    0d5218237ad1c135f412e5b1831e9049

  • SHA1

    66748aa2c7841bb71bd78574025da2b0b0bc8406

  • SHA256

    762c63506ae35d457b7a2e58e92dff2ee7fa6fc23ff0e7e15517af327b9779f7

  • SHA512

    49439b83bb4cfe40ddd52a2f88976c43baaa1707ca2ea667da7fa1508bea61bf0da7f671f0c1e8f53c4443d8b0c46228a8b6c543884d84dd4a9535c7d22d1d86

  • SSDEEP

    24576:UYtTbgCO8OOkko80FjXkySRyWsAwVxxcKujktuo4x527B:ZTFOOky+4ySRyWkxQktuF52d

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • 0d5218237ad1c135f412e5b1831e9049_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $TEMP/TeamViewer3/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $PLUGINSDIR/Base64.dll
    .dll windows:4 windows x86 arch:x86

    42bb3280d840d5e9acd666bdd5d0c030


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/GetVersion.dll
    .dll windows:4 windows x86 arch:x86

    add11ce79d4925abda7b305cc53287d2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    2457671c10c5aa708d9619798ec0139c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer3/SAS.exe
    .exe windows:4 windows x86 arch:x86

    14bdb3629883611a89edd699bc1a5043


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer3/TV.dll
    .dll windows:4 windows x86 arch:x86

    974eefbb2084e8d4e0e7e60176930a94


    Headers

    Imports

    Exports

    Sections

  • $TEMP/TeamViewer3/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    d832c0e85d1af7b40e866ce791a172d6


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/TeamViewer3/TeamViewer_Service.exe
    .exe windows:4 windows x86 arch:x86

    45db500bcd9747c2cc0b9138686b22ae


    Code Sign

    Headers

    Imports

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections