AuditShD.exe
- File Path:
C:\Windows\system32\oobe\AuditShD.exe
- Description: Audit Mode Desktop Switch Utility
Hashes
| Type |
Hash |
| MD5 |
35A5400520CB015BF0BDFD7FA9B81085 |
| SHA1 |
F8B942EFB86BCF8412DD7C19FD5E2873B9D8690E |
| SHA256 |
13B9F0F81E9EF9F77DA064A3DC483D873796BEDA8355520606C3A10B074D66E1 |
| SHA384 |
76A149D4EFD3C2738969643A666F083F33973E35A2A3E72687068C96C281E51D2750AF414BBDC0812C79668C951FD459 |
| SHA512 |
60FEE57EAB2276DEDD9EECB45589002482FE5E50FFD241BBA9EBF8E459D2244B5B7D25FBE08ED979ED72F26C0336C43ECF143CA0C2D30593D96BC069A1C773DD |
| SSDEEP |
768:jxYzrcby4T4vRUVK58bo4IVwQiPdrlxUdqPD6Z:ucbApz58ueLPdrlqdq+Z |
| IMP |
B1A6068BAA73FBE37CC0271811BDCDBC |
| PESHA1 |
961F1582C37F86354B611394519B7CA160872436 |
| PE256 |
C0BBF61577584C3E8691FA04D96E30466C99EAB7C2B7DDB49BBEB40D8269C1CA |
Runtime Data
Loaded Modules:
| Path |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\system32\oobe\AuditShD.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: AuditShD.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.572 (WinBuild.160101.0800)
- Product Version: 10.0.19041.572
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/76
- VirusTotal Link: https://www.virustotal.com/gui/file/13b9f0f81e9ef9f77da064a3dc483d873796beda8355520606c3a10b074d66e1/detection
MIT License. Copyright (c) 2020-2021 Strontic.