5529c2820a626ba0a3a9fcf82cc53e12bbe21de3c0c11e3f775a0ecfa12eeaca | Triage

Submit
Reports

Overview

overview

Static

static

5529c2820a...ca.exe

windows7-x64

5529c2820a...ca.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5529c2820a626ba0a3a9fcf82cc53e12bbe21de3c0c11e3f775a0ecfa12eeaca.exe

Resource

win7-20220715-en

teslacrypt persistence ransomware spyware stealer

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

5529c2820a626ba0a3a9fcf82cc53e12bbe21de3c0c11e3f775a0ecfa12eeaca.exe

Resource

win10v2004-20220721-en

teslacrypt persistence ransomware spyware stealer

windows10-2004-x64

20 signatures

150 seconds

General

Target

5529c2820a626ba0a3a9fcf82cc53e12bbe21de3c0c11e3f775a0ecfa12eeaca
Size

368KB
MD5

742b46e5aca6f3b85a306d955ec82903
SHA1

48727b21b0ece46fb80b450a586cdc38fb8e9830
SHA256

5529c2820a626ba0a3a9fcf82cc53e12bbe21de3c0c11e3f775a0ecfa12eeaca
SHA512

35f6137018d5a5133b41875ea6e4d6707c8f41fcd4897467335db4aa290cd1573e587e79d6a399878591dbc91cdc0d5a51493725732641a30dff464c0bf50761
SSDEEP

6144:4dp8rEHy/RucZDj7tR49k1dMflnnnl8nq5sIDc9IQ4rmSfZd+nDKuNAvwu:4d+Ky/RucZT6uYnnnl8q2IDc9IQ4rjm4

Score

N/A

Malware Config

Signatures

Files

5529c2820a626ba0a3a9fcf82cc53e12bbe21de3c0c11e3f775a0ecfa12eeaca
.exe windows x86

ae2c6ac87c067dc56504abecfd4e3697

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

CoFreeLibrary

comdlg32

ChooseColorW

imm32

ImmSetStatusWindowPos

kernel32

GlobalMemoryStatus
CreateTapePartition
FindNextVolumeMountPointA
CreateEventW

setupapi

SetupDiGetActualSectionToInstallA

urlmon

CoInternetCreateZoneManager

shell32

SHFileOperationA

clusapi

GetClusterResourceKey

msvcrt

memcpy
memset

ntdsapi

DsFreeSpnArrayW

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ordo
Size: 4KB - Virtual size: 731B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.t
Size: 4KB - Virtual size: 49B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy