Tesla/CryptoLocker Ransomware Removal Report

Technical Information

File System Details

Tesla/CryptoLocker Ransomware creates the following file(s):

#	File Name	MD5	Detection Count
1	syscop.exe	112a0c0def505c451ae38d3bfdf1bd4e	84
Name: syscop.exe MD5: 112a0c0def505c451ae38d3bfdf1bd4e Size: 250.96 KB (250961 bytes) Detection Count: 84 Type: Executable File Path: %APPDATA%\Microsoft\Crypto\ Group: Malware file Last Updated: May 8, 2020
2	safe00.exe	4f14e9c72c1593a178d8a5d3e36ad334	51
Name: safe00.exe MD5: 4f14e9c72c1593a178d8a5d3e36ad334 Size: 251.18 KB (251182 bytes) Detection Count: 51 Type: Executable File Path: %SystemDrive%\Users\Ankica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
3	Payload22.exe	7018ffe0b27a6ef44b117d4af65131bd	19
Name: Payload22.exe MD5: 7018ffe0b27a6ef44b117d4af65131bd Size: 355.32 KB (355328 bytes) Detection Count: 19 Type: Executable File Path: %APPDATA%\ Group: Malware file Last Updated: July 15, 2016
4	setap_c.exe	c5614b16ba6d272f6b4afe6aec9f35b1	14
Name: setap_c.exe MD5: c5614b16ba6d272f6b4afe6aec9f35b1 Size: 266.03 KB (266031 bytes) Detection Count: 14 Type: Executable File Path: %SystemDrive%\Users\Administrator.Archiv-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
5	Payload_c.exe	8e4c5d3d2f39223e5cd94f14573a6edf	14
Name: Payload_c.exe MD5: 8e4c5d3d2f39223e5cd94f14573a6edf Size: 254.46 KB (254464 bytes) Detection Count: 14 Type: Executable File Path: %SystemDrive%\Users\noelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: July 15, 2016
6	setap02.exe	53949ebc5fb47c3935b10cec7af22686	14
Name: setap02.exe MD5: 53949ebc5fb47c3935b10cec7af22686 Size: 251.18 KB (251186 bytes) Detection Count: 14 Type: Executable File Path: %SystemDrive%\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
7	Siddhi.exe	61e49800de3309c4868e6769412e6356	9
Name: Siddhi.exe MD5: 61e49800de3309c4868e6769412e6356 Size: 178.17 KB (178176 bytes) Detection Count: 9 Type: Executable File Path: %SystemDrive%\Users\info\AppData\Local\ Group: Malware file Last Updated: April 30, 2016
8	Payload.exe	325b40360e734dd1a6107c8237ebfb64	9
Name: Payload.exe MD5: 325b40360e734dd1a6107c8237ebfb64 Size: 292.83 KB (292834 bytes) Detection Count: 9 Type: Executable File Path: %SystemDrive%\Users\Jrodefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 22, 2016
9	Payload3.exe	ab36cbde836d67c5a7e145ae80518b35	5
Name: Payload3.exe MD5: ab36cbde836d67c5a7e145ae80518b35 Size: 271.36 KB (271360 bytes) Detection Count: 5 Type: Executable File Path: %SystemDrive%\Users\morlub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: July 15, 2016
10	setap00.exe	f2aedf8b08ba3b2f3140cb0bc377ea00	3
Name: setap00.exe MD5: f2aedf8b08ba3b2f3140cb0bc377ea00 Size: 253.95 KB (253952 bytes) Detection Count: 3 Type: Executable File Path: %SystemDrive%\Users\REMOTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
11	10_702a052b82756bcc7fb65feb9cb2a09dd355435bec8e4693552f757e28295a43.exe	408a8ff4b1c450a821b92fb6b0a82c5c	0
Name: 10_702a052b82756bcc7fb65feb9cb2a09dd355435bec8e4693552f757e28295a43.exe MD5: 408a8ff4b1c450a821b92fb6b0a82c5c Size: 414.62 KB (414628 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
12	10_ae9b21c99e2fe6de0b887fa770e3a8a9c97dd606b806e4034581ac9d49a20a39.exe	4b09737d16730f04f2b69a63b01a5c13	0
Name: 10_ae9b21c99e2fe6de0b887fa770e3a8a9c97dd606b806e4034581ac9d49a20a39.exe MD5: 4b09737d16730f04f2b69a63b01a5c13 Size: 372.73 KB (372736 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
13	11_c287134e0c88e25691c8c39ccf7e448ef9fb44cba42422e2a4629406f1edbb6d.exe	3211e1b4018a4d4a0b2e4b1e29ec8ba1	0
Name: 11_c287134e0c88e25691c8c39ccf7e448ef9fb44cba42422e2a4629406f1edbb6d.exe MD5: 3211e1b4018a4d4a0b2e4b1e29ec8ba1 Size: 372.73 KB (372736 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
14	11_c9542ebcb606682b97b83f914ced04549b032b3c9b343d3592281c4e594cbbeb.exe	ff8ed3c8f1986402dcf149032df03210	0
Name: 11_c9542ebcb606682b97b83f914ced04549b032b3c9b343d3592281c4e594cbbeb.exe MD5: ff8ed3c8f1986402dcf149032df03210 Size: 323.07 KB (323072 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
15	1_4899dea44c874d4904b68df43980fed064437952dadc96168e8c97e3818d780d.exe	8f0ff55fc8c1ab906e112e746c8ffb85	0
Name: 1_4899dea44c874d4904b68df43980fed064437952dadc96168e8c97e3818d780d.exe MD5: 8f0ff55fc8c1ab906e112e746c8ffb85 Size: 389.12 KB (389120 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
16	2_0e3a91c7461752d0c495e11b5ffe512385263ed3bf28510aca5cb77cc1afa907.exe	856e51733c368c88dc6dfd657ffd4a6b	0
Name: 2_0e3a91c7461752d0c495e11b5ffe512385263ed3bf28510aca5cb77cc1afa907.exe MD5: 856e51733c368c88dc6dfd657ffd4a6b Size: 408.62 KB (408620 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
17	2_6562d8de8ea44f51efb85a00e9a2029f5413d2eb740f22c4306bdbff3fe1c85d.exe	cf38ed088d7bc49c32fd4fbff2cff45b	0
Name: 2_6562d8de8ea44f51efb85a00e9a2029f5413d2eb740f22c4306bdbff3fe1c85d.exe MD5: cf38ed088d7bc49c32fd4fbff2cff45b Size: 327.16 KB (327168 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
18	3_17900b53a17dcc95a5859099faaab1373a3b32238d609dc17aa979c99616d191.exe	ea732ad2760b80088dae0426ace6f18c	0
Name: 3_17900b53a17dcc95a5859099faaab1373a3b32238d609dc17aa979c99616d191.exe MD5: ea732ad2760b80088dae0426ace6f18c Size: 372.73 KB (372736 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
19	4_5b4b4b053afac29e5feead93c2c10da0f67c525e592a8b7034e906137656d435.exe	be2793f99d75b58c973e8252f40811d8	0
Name: 4_5b4b4b053afac29e5feead93c2c10da0f67c525e592a8b7034e906137656d435.exe MD5: be2793f99d75b58c973e8252f40811d8 Size: 407.77 KB (407770 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
20	5_b8d0aa06fc1f7d78280880e88ce2f564b527ae739e5b11bdf1affc15118124a1.exe	f53bfff25831e0e05045f83d6c951f3f	0
Name: 5_b8d0aa06fc1f7d78280880e88ce2f564b527ae739e5b11bdf1affc15118124a1.exe MD5: f53bfff25831e0e05045f83d6c951f3f Size: 389.12 KB (389120 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
21	8_6973fb022aa0b541bedabbbc244509de3f3b19808c8c950a77655df3340b13c6.exe	32eb6c3b8e00088034c80bdc445aec77	0
Name: 8_6973fb022aa0b541bedabbbc244509de3f3b19808c8c950a77655df3340b13c6.exe MD5: 32eb6c3b8e00088034c80bdc445aec77 Size: 326.65 KB (326656 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
22	9_0578218ea6becbefe26607477c8641197ee9cf757559aa634e1e3bac5b2a9700.exe	cfd35b509d85247333883c332d42029c	0
Name: 9_0578218ea6becbefe26607477c8641197ee9cf757559aa634e1e3bac5b2a9700.exe MD5: cfd35b509d85247333883c332d42029c Size: 382.97 KB (382976 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
23	9_99f2a8cbcf830591c9d798db8646d6df8db498e5f904857c4e50ef65dc34d2d9.exe	673905c340399c56c1933d1b302015bc	0
Name: 9_99f2a8cbcf830591c9d798db8646d6df8db498e5f904857c4e50ef65dc34d2d9.exe MD5: 673905c340399c56c1933d1b302015bc Size: 405.17 KB (405173 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
24	aee031587a65e5143c2e3dff967243242ee112414d72525fb21adb9c90968e14.exe	e52eac156a0e4a63eab0b7b15e49b52f	0
Name: aee031587a65e5143c2e3dff967243242ee112414d72525fb21adb9c90968e14.exe MD5: e52eac156a0e4a63eab0b7b15e49b52f Size: 417.11 KB (417110 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
25	b2e5b896cab4ec5efbc17156fda6610db29b6567ebc0d4f7ffad3a49c5d1d32c.exe	ca10daa30fc6a7362cbbe3beceaa0f83	0
Name: b2e5b896cab4ec5efbc17156fda6610db29b6567ebc0d4f7ffad3a49c5d1d32c.exe MD5: ca10daa30fc6a7362cbbe3beceaa0f83 Size: 414.62 KB (414628 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
26	b90cd4196a296ea48d068260810b20cfd80c40b9f14f123f61629f360fad050a.exe	aa603f7f880a1386a6e496a7c8aa927b	0
Name: b90cd4196a296ea48d068260810b20cfd80c40b9f14f123f61629f360fad050a.exe MD5: aa603f7f880a1386a6e496a7c8aa927b Size: 417.11 KB (417110 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
27	bfd9843f266e28caa90632742523045f59c21d100d582e89c0a2d402e30f4f10.exe	5d775cefc2e47a2f6516a9d33187d580	0
Name: bfd9843f266e28caa90632742523045f59c21d100d582e89c0a2d402e30f4f10.exe MD5: 5d775cefc2e47a2f6516a9d33187d580 Size: 407.42 KB (407428 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
28	c6797d3159336b1871daaa8d73ad6b4032eb90a7a9dd053f103c13808b73c830.exe	00554b7653f4cbda353e0169b0e73c86	0
Name: c6797d3159336b1871daaa8d73ad6b4032eb90a7a9dd053f103c13808b73c830.exe MD5: 00554b7653f4cbda353e0169b0e73c86 Size: 414.62 KB (414628 bytes) Detection Count: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016

More files

Registry Details

Tesla/CryptoLocker Ransomware creates the following registry entry or registry entries:

Regexp file mask

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].html

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].txt

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].html

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].txt

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\payload[RANDOM CHARACTERS].exe

%APPDATA%\payload[RANDOM CHARACTERS].exe

%USERPROFILE%\DESKTOP\CryptoLocker.lnk

%USERPROFILE%\DESKTOP\HELP_TO_DECRYPT_YOUR_FILES.bmp

%USERPROFILE%\DESKTOP\HELP_TO_DECRYPT_YOUR_FILES.txt

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Ranking:	9,548
Threat Level:	100 % (High)
Infected Computers:	916

First Seen:	February 27, 2015
Last Seen:	July 5, 2021

Tesla/CryptoLocker Ransomware

Technical Information

File System Details

Registry Details

Site Disclaimer

Your comment is awaiting moderation.

Please verify that you are not a robot.

Leave a Reply

EnigmaSoft Threat Scorecard

Popular Malware

Popular Trojans

Popular Ransomware

Popular Issues

Popular How-Tos

Products

Malware Research

Company

Legal