msdtc.exe

  • File Path: C:\Windows\system32\msdtc.exe
  • Description: Microsoft Distributed Transaction Coordinator Service

Hashes

Type Hash
MD5 308F08347923DEEDE7BC03EC7D485841
SHA1 0406220A6B6839D6C8156AFA6CD8FCA9C3381F80
SHA256 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0
SHA384 08F5E14EC99E40AFBBE7402D67088CC704099279056A8668ADB678F63430DA8A3AB9B4397BF25E3C4227A87C48ADBB1F
SHA512 458968E24E0742BEF61C9EEBFC7C030BB9855AB309AD5A74ABDCDD185A079E87864B3363A72A79F7CA7BD20D396D3DD2C7413FAACE72D56CA50B37B4271C96AD
SSDEEP 1536:fA8sWX8TTs0Uv/v6qlDgGf61w1A0a4qDLZAQcEzok3E8vroH3S7NtiXE/Lk:IWKunXpf6/v7fcmEAkyXiqk

Signature

  • Status: Signature verified.
  • Serial: 33000000BCE120FDD27CC8EE930000000000BC
  • Thumbprint: E85459B23C232DB3CB94C7A56D47678F58E8E51E
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: MSDTC.EXE.MUI
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 2001.12.10941.16384 (rs1_release.160715-1616)
  • Product Version: 10.0.14393.0
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

File Similarity (ssdeep match)

File Score
C:\Windows\system32\msdtc.exe 63
C:\Windows\system32\msdtc.exe 68
C:\windows\system32\msdtc.exe 66
C:\WINDOWS\system32\msdtc.exe 71
C:\WINDOWS\system32\msdtc.exe 65

Possible Misuse

The following table contains possible examples of msdtc.exe being misused. While msdtc.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma image_load_pingback_backdoor.yml Image|endswith: 'msdtc.exe' DRL 1.0
sigma proc_creation_win_apt_lazarus_session_highjack.yml - '\msdtc.exe' DRL 1.0
sigma proc_creation_win_pingback_backdoor.yml - 'msdtc' DRL 1.0
malware-ioc 2021_T2 Msdtc © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.