ff2705d0de6c188a2dc637e1d341b4fed1378543328704cbf4e30b1f02eaab77 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ff2705d0de6c188a2dc637e1d341b4fed1378543328704cbf4e30b1f02eaab77.exe

Resource

win7-20230220-en

laplas clipper evasion persistence stealer trojan

windows7-x64

10 signatures

300 seconds

Behavioral task

behavioral2

Sample

ff2705d0de6c188a2dc637e1d341b4fed1378543328704cbf4e30b1f02eaab77.exe

Resource

win10-20230220-en

laplas clipper evasion persistence stealer trojan

windows10-1703-x64

9 signatures

300 seconds

General

Target

ff2705d0de6c188a2dc637e1d341b4fed1378543328704cbf4e30b1f02eaab77
Size

2.9MB
MD5

028afcd4ee3a30be01e8f2c706afbfde
SHA1

0148d10c8ee91f94aebf98c7d2bf00df48381df7
SHA256

ff2705d0de6c188a2dc637e1d341b4fed1378543328704cbf4e30b1f02eaab77
SHA512

dc6a1eb2d1c7ec84b478afd2ecd48a6c9e309aa8ff61313a3f921c4556e8cd2cb77fe5728526422a969300d4e039f509024e04037ecbb95a3d2eacf820ff30cf
SSDEEP

49152:bPGr1J/od7ddFIbB65HJwP7QVBfMtup6qYmg8jLyefHuD+MUvYDL3bNt+jDpe:ber1Bod7dYV65HuP7QVikQUgKLyew+MF

Score

1^/10

Malware Config

Signatures

Files

ff2705d0de6c188a2dc637e1d341b4fed1378543328704cbf4e30b1f02eaab77
.exe windows x64

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 2.7MB - Virtual size: 8.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.