Overview

overview

7

Static

static

5

39ce57a07b...18.exe

windows7-x64

7

39ce57a07b...18.exe

windows10-2004-x64

7

$DESKTOP/t...r_.exe

windows7-x64

7

$DESKTOP/t...r_.exe

windows10-2004-x64

7

$DESKTOP/t...AS.exe

windows7-x64

1

$DESKTOP/t...AS.exe

windows10-2004-x64

3

$DESKTOP/t...TV.dll

windows7-x64

3

$DESKTOP/t...TV.dll

windows10-2004-x64

3

$DESKTOP/t...er.exe

windows7-x64

7

$DESKTOP/t...er.exe

windows10-2004-x64

7

$DESKTOP/t...st.exe

windows7-x64

1

$DESKTOP/t...st.exe

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    39ce57a07b5dfc971c3ce0d76a9f70a3_JaffaCakes118

  • Size

    932KB

  • MD5

    39ce57a07b5dfc971c3ce0d76a9f70a3

  • SHA1

    3b3f8f7466d0a199f45ac418042646d1927864d3

  • SHA256

    d5c99d6cab73d6d4fe837adcaabfd38b32f7bdea37546b86d3336aac3d8a1f60

  • SHA512

    a8529f2b260af96f0e3b5a6a6e61c10eeae6276442856027df745f21433b02b84d75991cfd3127687022e6c984f43aa67fb0a133eb512e7370d7383fde4e84ad

  • SSDEEP

    12288:mQ9fTnBt6urJQ34Lp05r7r5Tck0B6TYNYuPp9B97ucc6n0iXi0nxmhFL6r5cHG92:7nTNQ34L+Tck0BGKhhc65xcFS5cHeOcQ

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • 39ce57a07b5dfc971c3ce0d76a9f70a3_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $DESKTOP/temp/TeamViewer3/TeamViewer_.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • $DESKTOP/temp/TeamViewer3/SAS.exe
    .exe windows:4 windows x86 arch:x86

    14bdb3629883611a89edd699bc1a5043


    Code Sign

    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/TV.dll
    .dll windows:4 windows x86 arch:x86

    2fc47df7b965c898518d83f04434b280


    Headers

    Imports

    Exports

    Sections

  • $DESKTOP/temp/TeamViewer3/TeamViewer.exe
    .exe windows:4 windows x86 arch:x86

    5b48386a7920d060e70dd74229088c52


    Code Sign

    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/TeamViewer.ini
  • $DESKTOP/temp/TeamViewer3/TeamViewer_Host.exe
    .exe windows:4 windows x86 arch:x86

    86552a95d3edfc48b9d72a023ac59dfb


    Headers

    Imports

    Sections

  • $DESKTOP/temp/TeamViewer3/logo.bmp
  • $PLUGINSDIR/GetVersion.dll
    .dll windows:4 windows x86 arch:x86

    add11ce79d4925abda7b305cc53287d2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    70dd3dc09a6a9df40b2eeb3eb051c3ff


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections