teamviewer_setup.exe

Project1

The executable teamviewer_setup.exe has been detected as malware by 6 anti-virus scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from bachkim.vn.
Product:
Project1

Version:
1.00

MD5:
dc648e645894c4cdb3dc872a168c3df2

SHA-1:
3dec112be6ec2f63095918de8149e660b4f6002c

SHA-256:
bbd60b0fadf65547caf991ab90df17903aa0ac3353d7db5f8a6696b38645c12e

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
5/21/2024 8:21:53 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:SaliCode | 160518-2 |
| Dr.Web | Win32.Sector.30 | 9.0.1.05190 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.0.319.0 |
| F-Prot | W32/Sality.gen2 | 4.6.5.141 |
| Microsoft Security Essentials | Threat.Undefined | 1.225.606.0 |
| VIPRE Antivirus | Threat.4721115 | 50536 |

File size:
3.2 MB (3,407,366 bytes)

Product version:
1.00

Original file name:
TJprojMain.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
4/1/2013 2:08:22 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:/1Aqg6XnLp7Kf+Q2N05nU+PqimBsAXKqaIxeJJsUL/FdHWl+xfXunyBvPJ/V987+:FgAck0tU/CAXNdeXnJ2ofXXBpt076

Entry address:
0x290C

Entry point:
FE, C4, C6, C4, E0, 68, 36, 12, 34, 00, 8A, D1, 89, F0, 86, FB, FE, C7, FF, C5, F6, C0, 36, F6, C6, C7, 81, C2, 80, 10, 00, 00, F3, 87, C0, 08, E7, 68, 91, 69, 0D, 00, 8A, CE, 0F, AF, F9, 80, C4, 9B, 3A, D9, FE, CC, 4B, E8, 2D, 00, 00, 00, 85, DB, 77, 02, 84, C0, 81, E5, 1B, 33, 10, B1, 20, EF, 89, DB, 8D, 3D, 27, 94, FB, 28, 84, C0, 8B, FB, 87, DD, 85, D3, 8D, 33, 0F, BE, F9, C7, C5, 98, F5, FC, 0E, 40, 8B, CE, F3, 85, CA, 78, 0B, 8D, 15, 3A, 42, 99, A1, 85, FF, F6, C2, 47, 88, D7, 4A, 8D, 0D, 16, 3A, C9...
 

Code size:
104 KB (106,496 bytes)

The file teamviewer_setup.exe has been seen being distributed by the following URL.
