AppVClient.exe

  • File Path: C:\Windows\system32\AppVClient.exe
  • Description: Microsoft Application Virtualization Client Service

Hashes

Type Hash
MD5 6D386C4567836ED0F6188419C653F46C
SHA1 FBBBF818FE872F537CC6A453F726B5514591C37C
SHA256 51E3B575FB7A4D6469D4217399118414C8F377A03FC7FEF715AF90612144DBD8
SHA384 7CF52A43FF1DDF6CE8B2DA2657E452CC07D0668E884326D62AFA319536BCB66A432C86C02721960EADC55651D91E7355
SHA512 037DD28D3FD02063E074347C64B8642A00308683B68B38708DA5410BA26B0FCB58CC28A04DD506DA393FAE13C3C33D827993CCEB988AB563A5343B9BA9B0D111
SSDEEP 24576:DSXrvk0fpTNboKb1uNclDsaefhjKWN3mlt9NcGXWbDyLM6a6hpf2:Dwrvk08WNlwaahjKWNc9NcGXWfyL7LpO

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: AppVClient.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.14393.3471 (rs1_release_1.191218-1729)
  • Product Version: 10.0.14393.3471
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.

Possible Misuse

The following table contains possible examples of AppVClient.exe being misused. While AppVClient.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma proc_creation_win_wmi_spwns_powershell.yml - AppvClient DRL 1.0

MIT License. Copyright (c) 2020-2021 Strontic.