AppVDllSurrogate.exe

  • File Path: C:\WINDOWS\system32\AppVDllSurrogate.exe
  • Description: Client DLL Surrogate Host

Hashes


Runtime Data

Loaded Modules:

Path
C:\WINDOWS\system32\AppVDllSurrogate.exe
C:\WINDOWS\System32\KERNEL32.DLL
C:\WINDOWS\System32\KERNELBASE.dll
C:\WINDOWS\SYSTEM32\ntdll.dll

Signature

  • Status: Signature verified.
  • Serial: 33000002ED2C45E4C145CF48440000000002ED
  • Thumbprint: 312860D2047EB81F8F58C29FF19ECDB4C634CF6A
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: AppVDllSurrogate.exe
  • Product Name: Microsoft Windows Operating System
  • Company Name: Microsoft Corporation
  • File Version: 10.0.22000.282 (WinBuild.160101.0800)
  • Product Version: 10.0.22000.282
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/72
  • VirusTotal Link: https://www.virustotal.com/gui/file/61a143f28453946a88c9aa2310cb7127ecb2a58961b03c41413d6ec08a9e9924/detection

File Similarity (ssdeep match)

File Score
C:\Windows\system32\AppVDllSurrogate.exe 35
C:\WINDOWS\system32\AppVDllSurrogate.exe 38
C:\Windows\system32\AppVDllSurrogate.exe 40
C:\Windows\system32\AppVDllSurrogate.exe 38
C:\Windows\system32\AppVDllSurrogate.exe 36
C:\Windows\system32\AppVFileSystemMetadata.dll 36
C:\Windows\system32\AppVManifest.dll 32
C:\Windows\system32\AppVNice.exe 35
C:\Windows\system32\AppVNice.exe 46
C:\Windows\system32\AppVNice.exe 47
C:\WINDOWS\system32\AppVNice.exe 40
C:\Windows\system32\AppVNice.exe 38
C:\WINDOWS\system32\AppVNice.exe 40
C:\Windows\system32\AppVScripting.dll 29
C:\Windows\system32\AppVShNotify.exe 33
C:\Windows\system32\AppVShNotify.exe 40
C:\Windows\system32\AppVShNotify.exe 36
C:\WINDOWS\system32\AppVShNotify.exe 32
C:\WINDOWS\system32\AppVShNotify.exe 35
C:\Windows\system32\AppVShNotify.exe 36
C:\Windows\system32\AppVStreamingUX.dll 50
C:\Windows\system32\AppVStreamMap.dll 38
C:\Windows\system32\mavinject.exe 41
C:\Windows\system32\mavinject.exe 38
C:\Windows\system32\mavinject.exe 35
C:\Windows\system32\mavinject.exe 36
C:\WINDOWS\system32\mavinject.exe 43
C:\Windows\system32\mavinject.exe 41
C:\WINDOWS\system32\mavinject.exe 44
C:\Windows\system32\mavinject.exe 35

MIT License. Copyright (c) 2020-2021 Strontic.