421f75f77c368d6cddcc41d6b90583d23c7a4bdcff60fef41c465758d36995e4 | Triage

Submit
Reports

Overview

overview

Static

static

421f75f77c...e4.exe

windows7_x64

421f75f77c...e4.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

421f75f77c368d6cddcc41d6b90583d23c7a4bdcff60fef41c465758d36995e4.exe

Resource

win7-20220414-en

teslacrypt persistence ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

421f75f77c368d6cddcc41d6b90583d23c7a4bdcff60fef41c465758d36995e4.exe

Resource

win10v2004-20220414-en

teslacrypt persistence ransomware suricata

windows10-2004_x64

0 signatures

0 seconds

General

Target

421f75f77c368d6cddcc41d6b90583d23c7a4bdcff60fef41c465758d36995e4
Size

344KB
MD5

1f311617d8a88f03e86576bd13680834
SHA1

53037f750f4c1cb4c527792c02b1878a5ffcf0e3
SHA256

421f75f77c368d6cddcc41d6b90583d23c7a4bdcff60fef41c465758d36995e4
SHA512

0b5408aa72b44c2a11d97ad936600ac968f0d34d2dc242614cf15bf83fc27e6d066c164bc901b29c4e303f4a43e4839c9dd8a110ac32819f0eb5203cc1c39939
SSDEEP

6144:Qpvgn6rzHkwK02h1Vq6Oqh4xw3U9q/wGRF2uSw4XuuBthViqRktAd0g2Gay8N8+:Qpm0EwD2vOqaxC/wGRF2uSwqB/08khn

Score

N/A

Malware Config

Signatures

Files

421f75f77c368d6cddcc41d6b90583d23c7a4bdcff60fef41c465758d36995e4
.exe windows x86

bc1ba0536a26c69811e2e198bca5c308

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InSendMessage
SendNotifyMessageA
ShowCaret

advapi32

BuildExplicitAccessWithNameA
GetTrusteeFormA
GetServiceKeyNameA
GetServiceDisplayNameA
BuildTrusteeWithNameA

kernel32

GetStringTypeA
Process32Next
SetCalendarInfoA
lstrcpyn
GetDriveTypeW
Thread32Next

netapi32

NetServerEnum

mpr

WNetConnectionDialog1A
WNetCancelConnectionA
WNetAddConnection2A
WNetCancelConnection2A
WNetGetProviderNameA

mfc42

ord4486
ord1576
ord561
ord3738
ord4424
ord1017
ord4080
ord3079
ord3825
ord3831
ord3830
ord1065
ord2976
ord3081
ord2985
ord3262
ord1029
ord4465
ord3259
ord1091
ord2982
ord1052
ord5714
ord1070
ord5307
ord4698
ord815
ord6375
ord1168
ord2554
ord1073
ord5731
ord3922
ord1089
ord1098
ord2396
ord3346
ord1002
ord5302
ord2725
ord1074

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy