5307f912093997ab9e09c1e98e389e5a9c5c5e0e84e11afa4a6e0eca4c7b893e | Triage

Submit
Reports

Overview

overview

Static

static

5307f91209...3e.exe

windows7-x64

5307f91209...3e.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5307f912093997ab9e09c1e98e389e5a9c5c5e0e84e11afa4a6e0eca4c7b893e.exe

Resource

win7-20220715-en

teslacrypt persistence ransomware suricata

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

5307f912093997ab9e09c1e98e389e5a9c5c5e0e84e11afa4a6e0eca4c7b893e.exe

Resource

win10v2004-20220414-en

teslacrypt persistence ransomware suricata

windows10-2004-x64

14 signatures

150 seconds

General

Target

5307f912093997ab9e09c1e98e389e5a9c5c5e0e84e11afa4a6e0eca4c7b893e
Size

304KB
MD5

432872b2cf164b339b3e9b74d645ab55
SHA1

d4675b9fc6ac2032580abd6ff5a2917589adc11b
SHA256

5307f912093997ab9e09c1e98e389e5a9c5c5e0e84e11afa4a6e0eca4c7b893e
SHA512

0a0fd48f9ba86dbbf6b923eb8b90cf2de5cc24209acd55897ed994839b1bf8aaa2dc3adba7c39e1436d828b0d6a6ab5ab555f19a6d95e4e8cbd1f94b235dbe67
SSDEEP

6144:RNhLXrSGL9JvGQAvZ0joH5B7CYCG6c0uBprgbzs0DadRYT:RzSGpt6hEoH5BhCGuuBpr6Da0T

Score

N/A

Malware Config

Signatures

Files

5307f912093997ab9e09c1e98e389e5a9c5c5e0e84e11afa4a6e0eca4c7b893e
.exe windows x86

f1f11b4f40765db2ce05b613a3a01599

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

QueryServiceConfigW
InitializeSid
AllocateAndInitializeSid
LockServiceDatabase
StartServiceA
LogonUserA
OpenSCManagerA
AddAce
AdjustTokenPrivileges
GetSidSubAuthority
RegCreateKeyA
ControlService
InitializeSecurityDescriptor
GetFileSecurityW
RegSetKeySecurity
RegQueryValueA
CreateServiceW
RegEnumKeyW
QueryServiceStatus
ChangeServiceConfigA
StartServiceCtrlDispatcherA
ReportEventA
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegQueryInfoKeyA
LookupPrivilegeValueA
EnumDependentServicesA
ChangeServiceConfigW
RegConnectRegistryA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_y0
fgetpos
_cabs
signal
ldiv
_creat
_spawnve
_ultow

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy