5a48d53f00afd3a50f06138ba37ca6bb5ff38011801879bdb94215ab8bfdf634 | Triage

Submit
Reports

Overview

overview

Static

static

5a48d53f00...34.exe

windows7-x64

5a48d53f00...34.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5a48d53f00afd3a50f06138ba37ca6bb5ff38011801879bdb94215ab8bfdf634.exe

Resource

win7-20220718-en

teslacrypt persistence ransomware

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a48d53f00afd3a50f06138ba37ca6bb5ff38011801879bdb94215ab8bfdf634.exe

Resource

win10v2004-20220721-en

teslacrypt persistence ransomware

windows10-2004-x64

12 signatures

150 seconds

General

Target

5a48d53f00afd3a50f06138ba37ca6bb5ff38011801879bdb94215ab8bfdf634
Size

328KB
MD5

452e6b32cf0172170701558e2333d016
SHA1

a9aa39a0765947e12a1475a59740c6de5bb5e7ec
SHA256

5a48d53f00afd3a50f06138ba37ca6bb5ff38011801879bdb94215ab8bfdf634
SHA512

993b3147e0e45444c6f38f917e2bb92d8c63097b1276e6087df19d7396bc06e07d2bd1e9a823649a1d4a1e4037b7845bc8ca7205d8ace8dae07a298116a850e3
SSDEEP

6144:FBJ3pE73WtFGT0G25lS4bv+r3nzxiag/QJSG2wvq209GxHFUoFY2G:rBeTEMT0Gy+Prg/9tWq9Mqoi

Score

N/A

Malware Config

Signatures

Files

5a48d53f00afd3a50f06138ba37ca6bb5ff38011801879bdb94215ab8bfdf634
.exe windows x86

ce35ec2cf14e54bc87d971ce17cc667d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupInstallServicesFromInfSectionExW

user32

FindWindowW

shell32

Shell_NotifyIconA

kernel32

LoadLibraryW
FreeLibrary
GetExitCodeThread
WaitForSingleObject
CreateThread
SetDefaultCommConfigA
LCMapStringA
CopyFileW
MoveFileWithProgressW

ole32

StgConvertPropertyToVariant

msvcrt

memcmp
mblen
iswalpha
labs

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

acab
Size: 4KB - Virtual size: 421B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

abac
Size: 4KB - Virtual size: 38B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy