TeslaCrypt 2.0 Code

JM Safe

Level 39
Thread author
Verified
Top Poster
Apr 12, 2015
2,882
LINK: http://www.infosecdailynews.com/teslacrypt-2-0-disguised-as-cryptowall/

Hi everyone, in this thread I want to post part of the code of this dangerous ransomware.

Key data saved in system:

tesla_crypt_en_5.png


And this should be the same code in C language:

tesla_crypt_en_6.png


Infected system:

tesla_crypt_en_7.png


File encryption:

tesla_crypt_en_8.png


And this should be the same code in C language:

tesla_crypt_en_9.png


Evading detection:

tesla_crypt_en_10.png


C&C communication:


tesla_crypt_en_11.png



LabZero

Can you add source? :)

Moose

Level 22
Jun 14, 2011
2,271
Salutations,

Are there any AV solutions that stop this headache?
And clean TeslaCrypt 2.0 Code off of your PC?

What about Cryptoprevent, Sandboxie, Shadow Defender and Toolwiz Time Free?
Can they stop the above?

Kind regards,

Cch123

Level 7
Verified
May 6, 2014
335
You plagiarized the whole thing from Kaspersky, you should at least link to the original article here: https://securelist.com/blog/research/71371/teslacrypt-2-0-disguised-as-cryptowall/
as @Enju has mentioned and not this
which itself was not even present when you first posted. I don't want to speculate why you do not want to link directly to the original source even though Enju has mentioned "Kaspersky", but instead choose to update your post with a source that reposted from Kaspersky. I think it will do the original author more justice if you link directly to his article.
 

JM Safe

Your comment is useful LOL :p
With regards, Jo Man

JM Safe

Wow, a lot of questions :D
Anyway, the most advanced AVs can block TeslaCrypt 2.0, as version 2.0 is less easy to detect than the first version of the malware.
To answer your last question, in my opinion it is difficult to say if these programs can completely block the malware. I hope so, but I'm not sure.
Anyway, some time ago I watched a video that showed this type of software can block the virus, because it is isolated from the real system.
Regards,

Jo Man