612133a91963253d742c842c7f89d597104306b7afa2963666bf8911b35b4cf5 | Triage

Submit
Reports

Overview

overview

Static

static

612133a919...f5.exe

windows7-x64

612133a919...f5.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

612133a91963253d742c842c7f89d597104306b7afa2963666bf8911b35b4cf5.exe

Resource

win7-20220718-en

teslacrypt persistence ransomware

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

612133a91963253d742c842c7f89d597104306b7afa2963666bf8911b35b4cf5.exe

Resource

win10v2004-20220721-en

teslacrypt persistence ransomware spyware stealer

windows10-2004-x64

13 signatures

150 seconds

General

Target

612133a91963253d742c842c7f89d597104306b7afa2963666bf8911b35b4cf5
Size

360KB
MD5

5ca0b98900e176bc3824d22ecce0329d
SHA1

1c99b14ea6e07614cc61d04cc67253a015b89c50
SHA256

612133a91963253d742c842c7f89d597104306b7afa2963666bf8911b35b4cf5
SHA512

0be492a54a37f06984d0b3b734fbd97b51066cab55b52a165b468c69c8cbb9f5ad0d4c310e04bd35e5c508eae15a80d6d7be06f7768566d1b6f9bc770e8ffe75
SSDEEP

6144:+fwI6Vu9NcSCli4OfURYTa4gbD477Zs4V160NUo4/LO8mQhZn4RogfEh5RBV:+fw/X9RA/gI77Zs2Ai6O8mKZ4fEhlV

Score

N/A

Malware Config

Signatures

Files

612133a91963253d742c842c7f89d597104306b7afa2963666bf8911b35b4cf5
.exe windows x86

ed4ca23a5a267fed57bbbe6507af3d95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OpenFileMappingW
FreeLibrary
GetExitCodeProcess
TerminateProcess
GetLastError
GetCurrentProcessId
SetEvent
GetProcAddress
UnhandledExceptionFilter
CreateEventW
GetModuleHandleA
UnmapViewOfFile
CreateThread
GetNumberFormatW
LocalAlloc
GetCurrentThreadId
MapViewOfFile
VirtualProtect
GetCommandLineW
lstrlenW
FreeConsole
VirtualQuery

user32

GetClassNameA
GetShellWindow

pdh

PdhReadRawLogRecord

msvcrt

memcpy

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

O_8!Iz
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy