Threat Database Ransomware Tesla/CryptoLocker Ransomware

Tesla/CryptoLocker Ransomware

By CagedTech in Ransomware

Threat Scorecard

Ranking: 15,266
Threat Level: 100 % (High)
Infected Computers: 930
First Seen: February 27, 2015
Last Seen: October 31, 2022
OS(es) Affected: Windows

SpyHunter Detects & Remove Tesla/CryptoLocker Ransomware

File System Details

Tesla/CryptoLocker Ransomware creates the following file(s):
# File Name MD5 Detections
1. syscop.exe 112a0c0def505c451ae38d3bfdf1bd4e 84
2. setap_c.exe 5b3eb320b4bb42be530df72efe5cb8c1 53
3. safe00.exe 4f14e9c72c1593a178d8a5d3e36ad334 51
4. setap00.exe eb60d7e742bdfe33d758279086706091 25
5. Payload22.exe 7018ffe0b27a6ef44b117d4af65131bd 19
6. Payload.exe 87a34f1943a70279f4340ea5817993ad 15
7. setap_c.exe c5614b16ba6d272f6b4afe6aec9f35b1 14
8. Payload_c.exe 8e4c5d3d2f39223e5cd94f14573a6edf 14
9. setap02.exe 53949ebc5fb47c3935b10cec7af22686 14
10. Siddhi.exe 61e49800de3309c4868e6769412e6356 9
11. Payload.exe 325b40360e734dd1a6107c8237ebfb64 9
12. Payload_c.exe c05d574ca856193fa56db0d8df0d0413 8
13. Payload.exe e732ae87a7c9bb7b7cada6310405a0a0 6
14. Payload3.exe ab36cbde836d67c5a7e145ae80518b35 5
15. Payload.exe 2acc10b7916dba194aa3a19f548d10db 4
16. setap00.exe f2aedf8b08ba3b2f3140cb0bc377ea00 3
17. Payload.exe 8d386b0a03c9a408a754b008e04fcfad 2
18. 10_702a052b82756bcc7fb65feb9cb2a09dd355435bec8e4693552f757e28295a43.exe 408a8ff4b1c450a821b92fb6b0a82c5c 0
19. 10_ae9b21c99e2fe6de0b887fa770e3a8a9c97dd606b806e4034581ac9d49a20a39.exe 4b09737d16730f04f2b69a63b01a5c13 0
20. 11_c287134e0c88e25691c8c39ccf7e448ef9fb44cba42422e2a4629406f1edbb6d.exe 3211e1b4018a4d4a0b2e4b1e29ec8ba1 0
21. 11_c9542ebcb606682b97b83f914ced04549b032b3c9b343d3592281c4e594cbbeb.exe ff8ed3c8f1986402dcf149032df03210 0
22. 1_4899dea44c874d4904b68df43980fed064437952dadc96168e8c97e3818d780d.exe 8f0ff55fc8c1ab906e112e746c8ffb85 0
23. 2_0e3a91c7461752d0c495e11b5ffe512385263ed3bf28510aca5cb77cc1afa907.exe 856e51733c368c88dc6dfd657ffd4a6b 0
24. b90cd4196a296ea48d068260810b20cfd80c40b9f14f123f61629f360fad050a.exe aa603f7f880a1386a6e496a7c8aa927b 0
25. bfd9843f266e28caa90632742523045f59c21d100d582e89c0a2d402e30f4f10.exe 5d775cefc2e47a2f6516a9d33187d580 0
26. c6797d3159336b1871daaa8d73ad6b4032eb90a7a9dd053f103c13808b73c830.exe 00554b7653f4cbda353e0169b0e73c86 0
27. d277693bfbb820a1e9d911d7798e9998ca7212653ece7006448a7daae9b4ad9a.exe 462d38982d855cd8b5c870af7d88facb 0
28. f4a39edc395821d77d0eaeb950b8f61512f2be336f8781b90e747980039a9a09.exe 769aa748f2d45d8d634158d69a8b4ba1 0
More files

Registry Details

Tesla/CryptoLocker Ransomware creates the following registry entry or registry entries:
Regexp file mask
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].html
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].txt
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].html
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\how_recover+[RANDOM CHARACTERS].txt
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\payload[RANDOM CHARACTERS].exe
%APPDATA%\payload[RANDOM CHARACTERS].exe
%USERPROFILE%\DESKTOP\CryptoLocker.lnk
%USERPROFILE%\DESKTOP\HELP_TO_DECRYPT_YOUR_FILES.bmp
%USERPROFILE%\DESKTOP\HELP_TO_DECRYPT_YOUR_FILES.txt

Trending

Most Viewed

Loading...