popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

2022-12-09 00:31:00

PE Imphash

17a4bd9c95f2898add97f309fc6f9bcd

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.bss 0x00001000 0x00013000 0x00000000 0.0
.data 0x00014000 0x0000e010 0x0000e200 7.96000845127
.text 0x00023000 0x00003708 0x00003800 0.842755731496
.idata 0x00027000 0x00000088 0x00000200 1.28862139339
.itext 0x00028000 0x00000265 0x00000400 3.33536028374
.edata 0x00029000 0x000036d5 0x00003800 5.1522330717
.rsrc 0x0002d000 0x00046664 0x00046800 3.82744231232

Resources

Name Offset Size Language Sub-language File type
RT_ICON 0x00030c78 0x00042028 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00030c78 0x00042028 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00030c78 0x00042028 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_ICON 0x00030c78 0x00042028 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_GROUP_ICON 0x00072ca0 0x0000003e LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_VERSION 0x00072ce0 0x000003a8 LANG_GERMAN SUBLANG_GERMAN data
RT_MANIFEST 0x00073088 0x000005d9 LANG_ENGLISH SUBLANG_ENGLISH_US ASCII text, with very long lines, with no line terminators

Imports

Library KERNEL32.DLL:
0x427048 GetProcAddress
0x42704c LoadLibraryA
0x427050 ExitProcess
!This program cannot be run in DOS mode.
`.idata
.itext
.edata
yRj=Dj
r,cYd
lYO[{&LIr
>(4QnZ
+&/}"]
1)WVn,
-\zbDT
An%s'L_
\3fKEr<<r.
F,w$Zjp
Otk?7aC
+0U/t^1
nM}Ps2
b_%vM;
BF5Mcds7
_@7lQfl
Ozfv80
JpHe"M
^}OA*g
]I9O<B:
oFf/c0
$^Q~Xp$
X.1@tXgM
d6nU]V%
W<^UY
59Ci8g
M-<O'n
)KE}q)
Jk6A0E
ED|P=)
[x1o(o
nFM**m
RA.F=D
&xS 00
FGTF!U
-3"3dac|e.J
K{<V$Iw
7IH/f7i
eCm0]s
#66OHL@C
K0-Q]%
ues$"{x`
LsIXLB
sZc&(__s
TP>2\t]
0o_Sr9\
DT"Au7
9$*V1
WN`}?&
VY[UG6
P2MFGnHZO
t8USfT`
q`NnUj
[Fw;FZ
>`A{g
?>sQ~\
w`8^E#
J=?ADua
]z*YO/\S
8`VRT<-
p'"|4pV
]bN56w
iFi>9@
d]o^*>
3XFk.x
#Tb(uj
{rgm"tw?c
+1U*A9
42bC',
:55|sC
Thm};;
"`Aa"8
n``D9|
;.)tpO
|Sq(}J
=p?B/8L
eSXL)KB
]r|7=L
L8Iu6M#UF
|52d\X
qg->\k
3|0.`h
O`,sT.
7{/m38
w]|{%C
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
2xv80KT
KERNEL32.DLL
GetProcAddress
LoadLibraryA
ExitProcess
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity version="1.0.0.0" processorArchitecture="*" name="TeamViewer_Desktop.exe" type="win32"></assemblyIdentity><description>TeamViewer</description><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="*" publicKeyToken="6595b64144ccf1df" language="*"></assemblyIdentity></dependentAssembly></dependency><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel></requestedPrivileges></security></trustInfo><asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3"><asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings"><dpiAware>True/PM</dpiAware></asmv3:windowsSettings></asmv3:application><compat:compatibility xmlns:compat="urn:schemas-microsoft-com:compatibility.v1"><compat:application><compat
DigiCert Inc1
www.digicert.com1.0,
%DigiCert Assured ID Code Signing CA-10
191219000000Z
201223120000Z0
Baden-W
rttemberg1
ppingen1 0
TeamViewer Germany GmbH1 0
TeamViewer Germany GmbH0
#7E>}O
*http://crl3.digicert.com/assured-cs-g1.crl00
*http://crl4.digicert.com/assured-cs-g1.crl0L
https://www.digicert.com/CPS0
http://ocsp.digicert.com0L
@http://cacerts.digicert.com/DigiCertAssuredIDCodeSigningCA-1.crt0
DigiCert Inc1
www.digicert.com1!0
DigiCert Assured ID CA-10
141022000000Z
241022000000Z0G1
DigiCert1%0#
DigiCert Timestamp Responder0
https://www.digicert.com/CPS0
2http://crl3.digicert.com/DigiCertAssuredIDCA-1.crl08
2http://crl4.digicert.com/DigiCertAssuredIDCA-1.crl0w
http://ocsp.digicert.com0A
5http://cacerts.digicert.com/DigiCertAssuredIDCA-1.crt0
iW!]4/q
DigiCert Inc1
www.digicert.com1$0"
DigiCert Assured ID Root CA0
110211120000Z
260210120000Z0o1
DigiCert Inc1
www.digicert.com1.0,
%DigiCert Assured ID Code Signing CA-10
.http://www.digicert.com/ssl-cps-repository.htm0
http://ocsp.digicert.com0C
7http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
4http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0:
4http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0
j-#O7;
DigiCert Inc1
www.digicert.com1$0"
DigiCert Assured ID Root CA0
061110000000Z
211110000000Z0b1
DigiCert Inc1
www.digicert.com1!0
DigiCert Assured ID CA-10
.http://www.digicert.com/ssl-cps-repository.htm0
http://ocsp.digicert.com0C
7http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
4http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0:
4http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0
DigiCert Inc1
www.digicert.com1.0,
%DigiCert Assured ID Code Signing CA-1
http://www.teamviewer.com 0
DigiCert Inc1
www.digicert.com1!0
DigiCert Assured ID CA-1
200122150527Z0#
Yl G#R
VS_VERSION_INFO
StringFileInfo
080904b0
CompanyName
TeamViewer Germany GmbH
FileDescription
TeamViewer
FileVersion
15.2.2756.0
InternalName
TeamViewer
LegalCopyright
TeamViewer Germany GmbH
LegalTrademarks
TeamViewer
OriginalFilename
TeamViewer_Desktop.exe
PrivateBuild
TeamViewer Remote Control Application
ProductName
TeamViewer
ProductVersion
15.2.2756.0
VarFileInfo
Translation
RAny use of this Certificate constitutes acceptance of the DigiCert CP/CPS and the Relying Party Agreement which limit liability and are incorporated herein by reference
RAny use of this Certificate constitutes acceptance of the DigiCert CP/CPS and the Relying Party Agreement which limit liability and are incorporated herein by reference
RAny use of this Certificate constitutes acceptance of the DigiCert CP/CPS and the Relying Party Agreement which limit liability and are incorporated herein by reference
TeamViewe
Antivirus Signature
Bkav Clean
Lionic Clean
tehtris Generic.Malware
MicroWorld-eScan Trojan.Generic.32461068
ClamAV Clean
CMC Clean
CAT-QuickHeal Clean
McAfee RDN/Generic.dx
Malwarebytes Clean
VIPRE Trojan.Generic.32461068
Sangfor Riskware.Win32.Crampes.V06t
K7AntiVirus Riskware ( 0052f7bd1 )
BitDefender Trojan.Generic.32461068
K7GW Riskware ( 0052f7bd1 )
Cybereason malicious.bed03f
Baidu Clean
VirIT Clean
Cyren W32/ABRisk.FKUV-3613
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 Win32/RiskWare.PEMalform.J
APEX Malicious
Paloalto Clean
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan.Win32.Crampes.a
Alibaba Trojan:Win32/Crampes.46653f6f
NANO-Antivirus Clean
SUPERAntiSpyware Clean
Tencent Win32.Trojan.FalseSign.Ltgl
Ad-Aware Trojan.Generic.32461068
TACHYON Clean
Sophos Mal/Generic-S
Comodo Clean
F-Secure Clean
DrWeb Clean
Zillya Clean
TrendMicro Clean
McAfee-GW-Edition RDN/Generic.dx
Trapmine malicious.high.ml.score
FireEye Generic.mg.0c9df67f152a727b
Emsisoft Trojan.Generic.32461068 (B)
Ikarus Clean
Jiangmin Trojan.Crampes.ds
Webroot Clean
Avira Clean
Antiy-AVL Trojan/Win32.Dynamer
Kingsoft Clean
Microsoft Behavior:Win32/Nitol.gen!A
Gridinsoft Trojan.Win32.Agent.cl
Arcabit Trojan.Generic.D1EF510C
ViRobot Clean
ZoneAlarm HEUR:Trojan.Win32.Crampes.a
GData Trojan.Generic.32461068
Google Detected
AhnLab-V3 Trojan/Win.Generic.R539958
Acronis Clean
ALYac Clean
MAX malware (ai score=88)
VBA32 Clean
Cylance Unsafe
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002H07LA22
Rising Trojan.Swrort!8.296 (TFE:2:CCuO7nvtECH)
Yandex Clean
SentinelOne Static AI - Suspicious PE
MaxSecure Clean
Fortinet MalwThreat!E1E6IV
BitDefenderTheta Gen:NN.ZexaCO.36106.xC1@aOz3kuFi
AVG Win32:Evo-gen [Trj]
Avast Win32:Evo-gen [Trj]
No IRMA results available.