teamviewer việt hoá 100- (có dấu)o.exe

TeamViewer

The executable teamviewer việt hoá 100- (có dấu)o.exe, described as “TeamViewer Remote Control Application”, has been detected as malware by 10 anti-virus scanners. It is a setup program used to install the application. The file has been seen being downloaded from docs.google.com and multiple other hosts. While running, it connects to the Internet address master6.teamviewer.com on port 5938.

Publisher:
TeamViewer GmbH*  (Invalid match)

Product:
TeamViewer

Description:
TeamViewer Remote Control Application

Version:
3.5.4140.0

MD5:
674385bfc918499bd9119c7789db004b

SHA-1:
1ca0f2fd722f805af70d702bc43d9ed6e83a25dd

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/19/2024 3:38:09 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | TR/Agent.770048.51 | 7.11.184.74
avast! | Win32:Malware-gen | 2014.9-141111
G Data | Win32.Trojan.Agent.KMDSIX | 14.11.24
IKARUS anti.virus | Win32.Malware | t3scan.1.8.3.0
K7 AntiVirus | Riskware | 13.185.13980
McAfee | Artemis!674385BFC918 | 5600.6949
Norman | Suspicious_Gen4.CEZYK | 11.20141111
Qihoo 360 Security | Win32/Trojan.786 | 1.0.0.1015
Rising Antivirus | PE:Trojan.Win32.Generic.152E7FFB!355368955 | 23.00.65.141109
VIPRE Antivirus | Trojan.Win32.Generic | 34706

File size:
748.5 KB (766,464 bytes)

Product version:
3.5

Copyright:
©TeamViewer GmbH

Trademarks:
TeamViewer

Original file name:
TeamViewer.exe

File type:
Executable application (Win32 EXE)

Language:
Vietnamese

Common path:
C:\Program Files\teamviewer\version9\teamviewer việt hoá 100- (có dấu)o.exe

File PE Metadata
Compilation timestamp:
3/12/2008 3:54:55 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:/kc5u8+cgtPBE9UpJLs4QwUFfDWuvkKmEdTF+dyJdcn2z+sgHt0ip/HT2PJFwEdY:/kcc7tpZ5AFfi+kKmEd6ysn2Ssgui9K/

Entry address:
0x2F2500

Entry point:
60, BE, 00, 00, 64, 00, 8D, BE, 00, 10, DC, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 09, 0C, 2F, 00, 57, 83, C3, 04, 53, 68, FC, 24, 0B, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...

Entropy:
7.9627  (probably packed)

Code size:
720 KB (737,280 bytes)

The file teamviewer việt hoá 100- (có dấu)o.exe has been seen being distributed by the following 15 URLs.


The executing file has been seen to make the following network communications in live environments.

