5ee4d17382bb8bcfa329642d674354d3bee5604040f448dfc8bea842c8b3e22a | Triage

Submit
Reports

Overview

overview

Static

static

5ee4d17382...2a.exe

windows7-x64

5ee4d17382...2a.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5ee4d17382bb8bcfa329642d674354d3bee5604040f448dfc8bea842c8b3e22a.exe

Resource

win7-20220718-en

teslacrypt persistence ransomware

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

5ee4d17382bb8bcfa329642d674354d3bee5604040f448dfc8bea842c8b3e22a.exe

Resource

win10v2004-20220721-en

teslacrypt persistence ransomware

windows10-2004-x64

12 signatures

150 seconds

General

Target

5ee4d17382bb8bcfa329642d674354d3bee5604040f448dfc8bea842c8b3e22a
Size

360KB
MD5

6fcb392b496137c59e929e4f06de95e9
SHA1

1da050f1caa6985bfab7249557ef59d6073ce1a5
SHA256

5ee4d17382bb8bcfa329642d674354d3bee5604040f448dfc8bea842c8b3e22a
SHA512

451c689cf8c15edf716627dc10659415554f2e1a943b63be34cfecd1a684a37556df96d65b8f57c61cbad079f15c5ffb58f1b2e9438c3cd718cfa2194a201469
SSDEEP

6144:8fwI6Vu9NcSCli4OfURYTa4gbD477Zs4V160NUo4/LO8mQhZn4RogfEh5RBV:8fw/X9RA/gI77Zs2Ai6O8mKZ4fEhlV

Score

N/A

Malware Config

Signatures

Files

5ee4d17382bb8bcfa329642d674354d3bee5604040f448dfc8bea842c8b3e22a
.exe windows x86

ed4ca23a5a267fed57bbbe6507af3d95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OpenFileMappingW
FreeLibrary
GetExitCodeProcess
TerminateProcess
GetLastError
GetCurrentProcessId
SetEvent
GetProcAddress
UnhandledExceptionFilter
CreateEventW
GetModuleHandleA
UnmapViewOfFile
CreateThread
GetNumberFormatW
LocalAlloc
GetCurrentThreadId
MapViewOfFile
VirtualProtect
GetCommandLineW
lstrlenW
FreeConsole
VirtualQuery

user32

GetClassNameA
GetShellWindow

pdh

PdhReadRawLogRecord

msvcrt

memcpy

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

O_8!Iz
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy