398a2a77f0399f0847d224921c35af02502f20579a1d3a5c4641fe158f0354e1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

398a2a77f0...e1.exe

windows7_x64

398a2a77f0...e1.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

398a2a77f0399f0847d224921c35af02502f20579a1d3a5c4641fe158f0354e1.exe

Resource

win7-20220414-en

teslacrypt persistence ransomware suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

398a2a77f0399f0847d224921c35af02502f20579a1d3a5c4641fe158f0354e1.exe

Resource

win10v2004-20220414-en

teslacrypt persistence ransomware spyware stealer suricata

windows10-2004_x64

0 signatures

0 seconds

General

Target

398a2a77f0399f0847d224921c35af02502f20579a1d3a5c4641fe158f0354e1
Size

280KB
MD5

61b57f81ee04299f8ba3c16d15505363
SHA1

13001b7875921a5ec553f11cc7c2e2f129179ef9
SHA256

398a2a77f0399f0847d224921c35af02502f20579a1d3a5c4641fe158f0354e1
SHA512

ce9326ae5cf48a739ea1b373e4f926804f07ded2bd476400474885c2548f3b56f5f33af2b193e6dbe1d6f5666c1ec506a8a80268582770cbb35b97e1e8a9b78e
SSDEEP

6144:s4zV5UJGEVE8nZyCp2O/+cSXjuOHt2rypnR+Gg8:vzWWeUQ+c2KsGsR+i

Score

N/A

Malware Config

Signatures

Files

398a2a77f0399f0847d224921c35af02502f20579a1d3a5c4641fe158f0354e1
.exe windows x86

c8f776cb22138bd84d253e4e88db3700

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

OffsetRgn
GetMapMode
GetWindowOrgEx

version

GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoA
VerInstallFileA
GetFileVersionInfoSizeA
VerFindFileA
VerQueryValueW
GetFileVersionInfoW

advapi32

LookupPrivilegeValueW
RegEnumKeyExA
CreateProcessAsUserW
RegSetKeySecurity
RegCreateKeyA
RegOverridePredefKey
LsaQueryInformationPolicy
SetEntriesInAclW
GetKernelObjectSecurity
OpenProcessToken
SetFileSecurityA
InitializeSid
CreateServiceW
RegQueryValueW
RegSetValueExW
RegDeleteKeyA
RegOpenKeyExW
MakeAbsoluteSD
GetServiceDisplayNameW

msvcrt

_controlfp
swscanf
__set_app_type
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
abs
ungetwc
sinh
putc
__dllonexit
_inp
_wtoi64
__p__fmode

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy