SrTasks.exe

  • File Path: C:\WINDOWS\system32\SrTasks.exe
  • Description: Microsoft Windows System Protection background tasks.

Hashes

Type Hash
MD5 1333D9F46AE3D79BADDD84FE11347261
SHA1 8FC69658B75818EDF4CB33902BB140CA2639F3FA
SHA256 DD8B82ABB81377966076A4C53F54FDB1AED85BE2370AEDE7589B8116204055E0
SHA384 356B24F050577995D38520B8D77CD587358CF78396795D719FBFD0E28C354B5E474D4A8C0621443966A029BCB91E5D67
SHA512 F5A29537FEC9C72EBE2734240FAA1B40E90C651BD89F2B3512815EA6B7BF6F42A17BF69339CE426D695C4A22614ABA9B6AECF1AAF7DBB01291BF0C8076E920D0
SSDEEP 1536:CvZ7YK/lQt9EXKIAES4cpKror9+NymAucl:cQjEawGKM4yRug

Signature

  • Status: Signature verified.
  • Serial: 330000023241FB59996DCC4DFF000000000232
  • Thumbprint: FF82BC38E1DA5E596DF374C53E3617F7EDA36B06
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: srtasks.exe.mui
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.18362.1 (WinBuild.160101.0800)
  • Product Version: 10.0.18362.1
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of SrTasks.exe being misused. While SrTasks.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma image_load_suspicious_vss_ps_load.yml - '\srtasks.exe' DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.