47a168d0a5299c1f6d4841311ce175c72a7363098fe782e1abe4eb2de53be8e6 | Triage

Submit
Reports

Overview

overview

Static

static

47a168d0a5...e6.exe

windows7_x64

47a168d0a5...e6.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

47a168d0a5299c1f6d4841311ce175c72a7363098fe782e1abe4eb2de53be8e6.exe

Resource

win7-20220414-en

teslacrypt persistence ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

47a168d0a5299c1f6d4841311ce175c72a7363098fe782e1abe4eb2de53be8e6.exe

Resource

win10v2004-20220414-en

teslacrypt persistence ransomware suricata

windows10-2004_x64

0 signatures

0 seconds

General

Target

47a168d0a5299c1f6d4841311ce175c72a7363098fe782e1abe4eb2de53be8e6
Size

364KB
MD5

2ebaf4d6f316462ae3552ef2ec6397eb
SHA1

1f77fb6476a1fc8ccfa6f30eddb77962d63f8c57
SHA256

47a168d0a5299c1f6d4841311ce175c72a7363098fe782e1abe4eb2de53be8e6
SHA512

1f7c43a1e74a57188ae2133c489775ec8d91449d611f015660ec4e00f7a9a37218f808a1f0b7a1186d2e6acaef5c83866b1b677b5523d64b818acefbb756ea26
SSDEEP

6144:zVJd557d0WS7HGaLxzJwfBiTSZu+veqQvzv59pGIO7YDYS8:zXv5CWS7HGCJwJVB2qifYYDG

Score

N/A

Malware Config

Signatures

Files

47a168d0a5299c1f6d4841311ce175c72a7363098fe782e1abe4eb2de53be8e6
.exe windows x86

828084a59ff0f074cd864457751f5419

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetClassNameA
GetShellWindow

kernel32

GetLastError
VirtualQuery
FreeConsole
GetExitCodeProcess
GetCurrentProcessId
GetNumberFormatW
TerminateProcess
CreateThread
LocalAlloc
GetCurrentThreadId
SetEvent
FreeLibrary
OpenFileMappingW
GetModuleHandleA
CreateEventW
lstrlenW
MapViewOfFile
GetProcAddress
UnmapViewOfFile
UnhandledExceptionFilter
VirtualProtect
GetCommandLineW

msvcrt

memcpy

pdh

PdhReadRawLogRecord

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

O_8!Iz
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy