5a0e56ade0fd3259f3ee630111ba370a509a78e60d6e3cbd2c6a74ede64ab310 | Triage

Submit
Reports

Overview

overview

Static

static

5a0e56ade0...10.exe

windows7-x64

5a0e56ade0...10.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5a0e56ade0fd3259f3ee630111ba370a509a78e60d6e3cbd2c6a74ede64ab310.exe

Resource

win7-20220715-en

teslacrypt persistence ransomware spyware stealer suricata

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a0e56ade0fd3259f3ee630111ba370a509a78e60d6e3cbd2c6a74ede64ab310.exe

Resource

win10v2004-20220721-en

teslacrypt persistence ransomware spyware stealer suricata

windows10-2004-x64

16 signatures

150 seconds

General

Target

5a0e56ade0fd3259f3ee630111ba370a509a78e60d6e3cbd2c6a74ede64ab310
Size

360KB
MD5

5d73b551f8c6abd194d9bffe8ec1968a
SHA1

ed3cceaee93ed29d06c05784cb870a56b529b148
SHA256

5a0e56ade0fd3259f3ee630111ba370a509a78e60d6e3cbd2c6a74ede64ab310
SHA512

3d996a38c15801ba9a96cee6bbb33128a9f5431102c2d3ca265f709269b54c12862d2a545951c0abba76ced582d90e57d226988fcc4ecdb4ba7dca36c43e0f7c
SSDEEP

6144:Hdm3S6zJVze75l3XnM++GvyNFi/kF3O+U7rGhYMTdiUF/6:96KnZKN0MMLruYMTdi8/6

Score

N/A

Malware Config

Signatures

Files

5a0e56ade0fd3259f3ee630111ba370a509a78e60d6e3cbd2c6a74ede64ab310
.exe windows x86

b34f437b6d98b5adb2247709875bf81f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MapViewOfFile
TerminateProcess
OpenFileMappingW
CreateThread
GetProcAddress
UnhandledExceptionFilter
CreateEventW
LocalAlloc
UnmapViewOfFile
GetCurrentThreadId
GetNumberFormatW
GetCurrentProcessId
GetLastError
SetEvent
FreeLibrary
GetModuleHandleA
GetExitCodeProcess
VirtualProtect
VirtualQuery
GetCommandLineW
lstrlenW
FreeConsole

pdh

PdhReadRawLogRecord

msvcrt

memcpy

user32

GetClassNameA
GetShellWindow

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

O_8!Iz
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy