TeamViewer.exe

TeamViewer

TeamViewer

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘TeamViewer 9’. This is installed with multiple programs including Team Viewer and TeamViewer 9. The file has been seen being downloaded from www.stdobrasil.com.br.
Publisher:
TeamViewer GmbH  (signed by TeamViewer)

Product:
TeamViewer

Description:
TeamViewer 9

Version:
9.0.32494.0

MD5:
12220ba871c6d7bae08ffdd137bab697

SHA-1:
4bfbd717abeb2f8c7f1d6291e7453d1c73d43a01

SHA-256:
69686d8aece754bb23676c1b0feebbbf3fcdae6a99ebb493a18d2e0271f3f858

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:57:52 PM UTC  (today)

File size:
12.9 MB (13,559,056 bytes)

Product version:
9.0

Copyright:
TeamViewer GmbH

Trademarks:
TeamViewer

Original file name:
TeamViewer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\Program Files\teamviewer\version9\teamviewer.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/29/2014 7:00:00 PM

Valid to:
9/5/2017 6:59:59 PM

Subject:
CN=TeamViewer, O=TeamViewer, L=Goeppingen, S=Baden Wuerttemberg, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
56729300C78306C4267CA44A10ADCD03

File PE Metadata
Compilation timestamp:
9/12/2014 1:13:23 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:MdyhtgKEdjgve48rX3yF8WA/j8+sY+W4bUBNdoAqgVw:Matyjr40jWAJsY+Wa8NddqgVw

Entry address:
0x813EB8

Entry point:
E8, F1, 2C, 01, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 78, A1, FC, 00, E8, 52, 46, 00, 00, E8, DF, 36, 00, 00, 0F, B7, F0, 6A, 02, E8, 84, 2C, 01, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 4E, 46, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
6.6091

Code size:
9.4 MB (9,817,088 bytes)

Scheduled Task
Task name:
TeamView

Trigger:
Boot (Runs on boot)


2 Startup Files (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TeamViewer 9

Command:
C:\Program Files\teamviewer\version9\teamviewer.exe

Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TeamViewer

Command:
C:\programas\teamviewer\version9\teamviewer.exe


User Start Menu Item
Name:
TeamViewer.exe


5 Windows Firewall Allowed Programs
Name:
C:\Program Files\TeamViewer\Version9\TeamViewer.exe

Name:
F:\Program Files\TeamViewer\Version9\TeamViewer.exe

Name:
C:\Programas\TeamViewer\Version9\TeamViewer.exe

Name:
C:\Programme\TeamViewer\Version9\TeamViewer.exe

Name:
D:\Program Files\TeamViewer\Version9\TeamViewer.exe


The file TeamViewer.exe has been discovered within the following programs.

Team Viewer  by TeamViewer GmbH
12% remove it
TeamViewer 9  by TeamViewer GmbH
Publisher's description - “Remote control any computer or Mac over the internet within seconds or use TeamViewer for online meetings. Open multiple remote sessions in tabs, just like in your browser.”
www.TeamViewer.com
6% remove it
 
Powered by Should I Remove It?

The file TeamViewer.exe has been seen being distributed by the following URL.

http://www.stdobrasil.com.br/bee/wp-content/themes/suntech/suporte/Programas e Drivers/.../TeamViewer.exe