Tesla/CryptoLocker Ransomware

By CagedTech in Ransomware

Threat Scorecard

Ranking:	15,266
Threat Level:	100 % (High)
Infected Computers:	930

First Seen:	February 27, 2015
Last Seen:	October 31, 2022
OS(es) Affected:	Windows

SpyHunter Detects & Remove Tesla/CryptoLocker Ransomware

File System Details

Tesla/CryptoLocker Ransomware creates the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	syscop.exe	112a0c0def505c451ae38d3bfdf1bd4e	84
Name: syscop.exe MD5: 112a0c0def505c451ae38d3bfdf1bd4e Size: 250.96 KB (250961 bytes) Computers: 84 Type: Executable File Path: %APPDATA%\Microsoft\Crypto\ Group: Malware file Last Updated: May 8, 2020
2.	setap_c.exe	5b3eb320b4bb42be530df72efe5cb8c1	53
Name: setap_c.exe MD5: 5b3eb320b4bb42be530df72efe5cb8c1 Size: 254.46 KB (254464 bytes) Computers: 53 Type: Executable File Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
3.	safe00.exe	4f14e9c72c1593a178d8a5d3e36ad334	51
Name: safe00.exe MD5: 4f14e9c72c1593a178d8a5d3e36ad334 Size: 251.18 KB (251182 bytes) Computers: 51 Type: Executable File Path: %SystemDrive%\Users\Ankica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
4.	setap00.exe	eb60d7e742bdfe33d758279086706091	25
Name: setap00.exe MD5: eb60d7e742bdfe33d758279086706091 Size: 251.69 KB (251692 bytes) Computers: 25 Type: Executable File Path: %WINDIR%\System32\ Group: Malware file Last Updated: June 14, 2016
5.	Payload22.exe	7018ffe0b27a6ef44b117d4af65131bd	19
Name: Payload22.exe MD5: 7018ffe0b27a6ef44b117d4af65131bd Size: 355.32 KB (355328 bytes) Computers: 19 Type: Executable File Path: %APPDATA%\ Group: Malware file Last Updated: July 15, 2016
6.	Payload.exe	87a34f1943a70279f4340ea5817993ad	15
Name: Payload.exe MD5: 87a34f1943a70279f4340ea5817993ad Size: 293.35 KB (293354 bytes) Computers: 15 Type: Executable File Group: Malware file Last Updated: July 15, 2016
7.	setap_c.exe	c5614b16ba6d272f6b4afe6aec9f35b1	14
Name: setap_c.exe MD5: c5614b16ba6d272f6b4afe6aec9f35b1 Size: 266.03 KB (266031 bytes) Computers: 14 Type: Executable File Path: %SystemDrive%\Users\Administrator.Archiv-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
8.	Payload_c.exe	8e4c5d3d2f39223e5cd94f14573a6edf	14
Name: Payload_c.exe MD5: 8e4c5d3d2f39223e5cd94f14573a6edf Size: 254.46 KB (254464 bytes) Computers: 14 Type: Executable File Path: %SystemDrive%\Users\noelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: July 15, 2016
9.	setap02.exe	53949ebc5fb47c3935b10cec7af22686	14
Name: setap02.exe MD5: 53949ebc5fb47c3935b10cec7af22686 Size: 251.18 KB (251186 bytes) Computers: 14 Type: Executable File Path: %SystemDrive%\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
10.	Siddhi.exe	61e49800de3309c4868e6769412e6356	9
Name: Siddhi.exe MD5: 61e49800de3309c4868e6769412e6356 Size: 178.17 KB (178176 bytes) Computers: 9 Type: Executable File Path: %SystemDrive%\Users\info\AppData\Local\ Group: Malware file Last Updated: April 30, 2016
11.	Payload.exe	325b40360e734dd1a6107c8237ebfb64	9
Name: Payload.exe MD5: 325b40360e734dd1a6107c8237ebfb64 Size: 292.83 KB (292834 bytes) Computers: 9 Type: Executable File Path: %SystemDrive%\Users\Jrodefer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 22, 2016
12.	Payload_c.exe	c05d574ca856193fa56db0d8df0d0413	8
Name: Payload_c.exe MD5: c05d574ca856193fa56db0d8df0d0413 Size: 263.47 KB (263471 bytes) Computers: 8 Type: Executable File Path: %SystemDrive%\Users\wiedza\AppData\Roaming\ Group: Malware file Last Updated: July 15, 2016
13.	Payload.exe	e732ae87a7c9bb7b7cada6310405a0a0	6
Name: Payload.exe MD5: e732ae87a7c9bb7b7cada6310405a0a0 Size: 199.16 KB (199168 bytes) Computers: 6 Type: Executable File Path: %SystemDrive%\Users\Regente\AppData\Roaming\ Group: Malware file Last Updated: July 15, 2016
14.	Payload3.exe	ab36cbde836d67c5a7e145ae80518b35	5
Name: Payload3.exe MD5: ab36cbde836d67c5a7e145ae80518b35 Size: 271.36 KB (271360 bytes) Computers: 5 Type: Executable File Path: %SystemDrive%\Users\morlub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: July 15, 2016
15.	Payload.exe	2acc10b7916dba194aa3a19f548d10db	4
Name: Payload.exe MD5: 2acc10b7916dba194aa3a19f548d10db Size: 292.82 KB (292824 bytes) Computers: 4 Type: Executable File Path: %SystemDrive%\Users\shop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 22, 2016
16.	setap00.exe	f2aedf8b08ba3b2f3140cb0bc377ea00	3
Name: setap00.exe MD5: f2aedf8b08ba3b2f3140cb0bc377ea00 Size: 253.95 KB (253952 bytes) Computers: 3 Type: Executable File Path: %SystemDrive%\Users\REMOTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 14, 2016
17.	Payload.exe	8d386b0a03c9a408a754b008e04fcfad	2
Name: Payload.exe MD5: 8d386b0a03c9a408a754b008e04fcfad Size: 114.68 KB (114688 bytes) Computers: 2 Type: Executable File Path: %SystemDrive%\Users\PDVSUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Group: Malware file Last Updated: June 22, 2016
18.	10_702a052b82756bcc7fb65feb9cb2a09dd355435bec8e4693552f757e28295a43.exe	408a8ff4b1c450a821b92fb6b0a82c5c	0
Name: 10_702a052b82756bcc7fb65feb9cb2a09dd355435bec8e4693552f757e28295a43.exe MD5: 408a8ff4b1c450a821b92fb6b0a82c5c Size: 414.62 KB (414628 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
19.	10_ae9b21c99e2fe6de0b887fa770e3a8a9c97dd606b806e4034581ac9d49a20a39.exe	4b09737d16730f04f2b69a63b01a5c13	0
Name: 10_ae9b21c99e2fe6de0b887fa770e3a8a9c97dd606b806e4034581ac9d49a20a39.exe MD5: 4b09737d16730f04f2b69a63b01a5c13 Size: 372.73 KB (372736 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
20.	11_c287134e0c88e25691c8c39ccf7e448ef9fb44cba42422e2a4629406f1edbb6d.exe	3211e1b4018a4d4a0b2e4b1e29ec8ba1	0
Name: 11_c287134e0c88e25691c8c39ccf7e448ef9fb44cba42422e2a4629406f1edbb6d.exe MD5: 3211e1b4018a4d4a0b2e4b1e29ec8ba1 Size: 372.73 KB (372736 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
21.	11_c9542ebcb606682b97b83f914ced04549b032b3c9b343d3592281c4e594cbbeb.exe	ff8ed3c8f1986402dcf149032df03210	0
Name: 11_c9542ebcb606682b97b83f914ced04549b032b3c9b343d3592281c4e594cbbeb.exe MD5: ff8ed3c8f1986402dcf149032df03210 Size: 323.07 KB (323072 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
22.	1_4899dea44c874d4904b68df43980fed064437952dadc96168e8c97e3818d780d.exe	8f0ff55fc8c1ab906e112e746c8ffb85	0
Name: 1_4899dea44c874d4904b68df43980fed064437952dadc96168e8c97e3818d780d.exe MD5: 8f0ff55fc8c1ab906e112e746c8ffb85 Size: 389.12 KB (389120 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
23.	2_0e3a91c7461752d0c495e11b5ffe512385263ed3bf28510aca5cb77cc1afa907.exe	856e51733c368c88dc6dfd657ffd4a6b	0
Name: 2_0e3a91c7461752d0c495e11b5ffe512385263ed3bf28510aca5cb77cc1afa907.exe MD5: 856e51733c368c88dc6dfd657ffd4a6b Size: 408.62 KB (408620 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
24.	b90cd4196a296ea48d068260810b20cfd80c40b9f14f123f61629f360fad050a.exe	aa603f7f880a1386a6e496a7c8aa927b	0
Name: b90cd4196a296ea48d068260810b20cfd80c40b9f14f123f61629f360fad050a.exe MD5: aa603f7f880a1386a6e496a7c8aa927b Size: 417.11 KB (417110 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
25.	bfd9843f266e28caa90632742523045f59c21d100d582e89c0a2d402e30f4f10.exe	5d775cefc2e47a2f6516a9d33187d580	0
Name: bfd9843f266e28caa90632742523045f59c21d100d582e89c0a2d402e30f4f10.exe MD5: 5d775cefc2e47a2f6516a9d33187d580 Size: 407.42 KB (407428 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
26.	c6797d3159336b1871daaa8d73ad6b4032eb90a7a9dd053f103c13808b73c830.exe	00554b7653f4cbda353e0169b0e73c86	0
Name: c6797d3159336b1871daaa8d73ad6b4032eb90a7a9dd053f103c13808b73c830.exe MD5: 00554b7653f4cbda353e0169b0e73c86 Size: 414.62 KB (414628 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
27.	d277693bfbb820a1e9d911d7798e9998ca7212653ece7006448a7daae9b4ad9a.exe	462d38982d855cd8b5c870af7d88facb	0
Name: d277693bfbb820a1e9d911d7798e9998ca7212653ece7006448a7daae9b4ad9a.exe MD5: 462d38982d855cd8b5c870af7d88facb Size: 407.42 KB (407428 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016
28.	f4a39edc395821d77d0eaeb950b8f61512f2be336f8781b90e747980039a9a09.exe	769aa748f2d45d8d634158d69a8b4ba1	0
Name: f4a39edc395821d77d0eaeb950b8f61512f2be336f8781b90e747980039a9a09.exe MD5: 769aa748f2d45d8d634158d69a8b4ba1 Size: 400.03 KB (400036 bytes) Computers: 0 Type: Executable File Group: Malware file Last Updated: March 23, 2016

More files

Registry Details

Tesla/CryptoLocker Ransomware creates the following registry entry or registry entries:

Regexp file mask

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].html

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].txt

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].html

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].txt

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\payload[RANDOM CHARACTERS].exe

%APPDATA%\payload[RANDOM CHARACTERS].exe

%USERPROFILE%\DESKTOP\CryptoLocker.lnk

%USERPROFILE%\DESKTOP\HELP_TO_DECRYPT_YOUR_FILES.bmp

%USERPROFILE%\DESKTOP\HELP_TO_DECRYPT_YOUR_FILES.txt

EnigmaSoft Releases NEW SpyHunter Pro to Fight Malware, Enhance Privacy Protection, & Optimize PCs

Search

Change Region

Tesla/CryptoLocker Ransomware

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Tesla/CryptoLocker Ransomware

File System Details

Registry Details

Submit Comment

Trending

GmailHackerPro.pj!.1a

Snip & Sketch not Working on Windows 10

'Amazon Loyalty Program' Pop-Up Scam

Most Viewed

AntiMalware

DNS Unlocker

Antivirus Security Pro