× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 88c0c45aaa3888958cd430a949a7c27a62043ba8cc460c6a60cd2c5f2a8d46a1
File name: output.114089583.txt
Detection ratio: 22 / 68
Analysis date: 2018-09-21 10:38:59 UTC ( 8 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.GenericKD.40505035 20180921
AhnLab-V3 Malware/Gen.Generic.C2725996 20180921
BitDefender Trojan.GenericKD.40505035 20180921
Bkav W32.HfsAutoB. 20180921
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cylance Unsafe 20180921
Cyren W32/GenBl.A28A7083!Olympus 20180921
Emsisoft Trojan.GenericKD.40505035 (B) 20180921
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Generik.IVYGGNQ 20180921
F-Secure Trojan.GenericKD.40505035 20180921
GData Win32.Trojan-Stealer.LokiBot.25N7VE 20180921
Sophos ML heuristic 20180717
Kaspersky Trojan.Win32.Delf.tfha 20180921
McAfee Artemis!A28A7083EEEF 20180921
McAfee-GW-Edition BehavesLike.Win32.Trojan.tc 20180921
eScan Trojan.GenericKD.40505035 20180921
Palo Alto Networks (Known Signatures) generic.ml 20180921
Rising Trojan.Delf!8.67 (CLOUD) 20180921
SentinelOne (Static ML) static engine - malicious 20180830
TrendMicro-HouseCall Suspicious_GEN.F47V0921 20180921
ZoneAlarm by Check Point Trojan.Win32.Delf.tfha 20180921
AegisLab 20180921
Alibaba 20180912
ALYac 20180921
Antiy-AVL 20180921
Arcabit 20180921
Avast 20180921
Avast-Mobile 20180921
AVG 20180921
Avira (no cloud) 20180921
AVware 20180921
Babable 20180918
Baidu 20180914
CAT-QuickHeal 20180918
ClamAV 20180921
CMC 20180921
Comodo 20180921
Cybereason 20180225
DrWeb 20180921
eGambit 20180921
F-Prot 20180921
Fortinet 20180921
Ikarus 20180921
Jiangmin 20180921
K7AntiVirus 20180921
K7GW 20180921
Kingsoft 20180921
Malwarebytes 20180921
MAX 20180921
Microsoft 20180921
NANO-Antivirus 20180921
Panda 20180920
Qihoo-360 20180921
Sophos AV 20180921
SUPERAntiSpyware 20180907
Symantec 20180921
Symantec Mobile Insight 20180918
TACHYON 20180921
Tencent 20180921
TheHacker 20180920
TotalDefense 20180920
TrendMicro 20180921
Trustlook 20180921
VBA32 20180921
VIPRE 20180921
ViRobot 20180921
Webroot 20180921
Yandex 20180920
Zillya 20180920
Zoner 20180920
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
TeamViewer GmbH

Product TeamViewer
Comments TeamViewer Remote Control Application
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x004F1000
Number of sections 6
PE sections
PE imports
InitCommonControls
Number of PE resources by type
RT_BITMAP 40
RT_RCDATA 31
RT_STRING 18
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_DIALOG 1
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 81
RUSSIAN 22
UKRAINIAN DEFAULT 2
ARABIC EGYPT 1
ENGLISH US 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
TeamViewer Remote Control Application

InitializedDataSize
387584

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
12.1.11706.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

ImageFileCharacteristics
Executable, No line numbers, No symbols, Bytes reversed lo, 32-bit, Bytes reversed hi

CharacterSet
Windows, Latin1

LinkerVersion
2.25

EntryPoint
0x4f1000

MIMEType
application/octet-stream

LegalCopyright
TeamViewer GmbH

TimeStamp
1992:06:20 00:22:17+02:00

FileType
Win32 EXE

PEType
PE32

ProductVersion
12.0.77242.0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
TeamViewer GmbH

CodeSize
623104

ProductName
TeamViewer

ProductVersionNumber
12.0.11706.0

Warning
Possibly corrupt Version resource

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 a28a7083eeef5a5dbfeec74f45ce078e
SHA1 1773de1cb76cac6b35cd56870efca7a4ac2ad6be
SHA256 88c0c45aaa3888958cd430a949a7c27a62043ba8cc460c6a60cd2c5f2a8d46a1
ssdeep
24576:TbmxjVWlBxEynqdO84LXv3zZeVbzsCInk5TTC5tdlhM4il8gDT95tCHOl3rOK5T8:sEn4Ol7KLfTTCFly4iCgXmOZB4wcK6P

authentihash 0049bf5802357ecb409b4198b49bd34626701886997c2d4d39f990a4f00e8ef6
imphash baa93d47220682c04d92f7797d9224ce
File size 1.9 MB ( 2041856 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (35.7%)
Win16/32 Executable Delphi generic (16.4%)
OS/2 Executable (generic) (16.0%)
Generic Win/DOS Executable (15.8%)
DOS Executable Generic (15.8%)
Tags
peexe

VirusTotal metadata
First submission 2018-09-21 01:10:04 UTC ( 8 months, 1 week ago )
Last submission 2018-09-21 10:38:59 UTC ( 8 months, 1 week ago )
File names output.114089583.txt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Runtime DLLs