CallingShellApp.exe
- File Path:
C:\WINDOWS\SystemApps\Microsoft.Windows.CallingShellApp_cw5n1h2txyewy\CallingShellApp.exe
- Description: Calling App to host call progress on shell
Hashes
| Type |
Hash |
| MD5 |
A34A30EE9B35360BFEA457B3C3442124 |
| SHA1 |
0383410B384931EB237B5A0D192128433D940C7B |
| SHA256 |
92E2A2E81C2C9FB697C9FEA00B3CAA6814676C64FD17D05549EE116AF60D9B4E |
| SHA384 |
1C9E5F347AC29D61CB75439DBAEE13C86B31EAD1F8518635FBF39B7FB5A601639281B48ADE2B141CDB382076BE253B62 |
| SHA512 |
7F14C315B79F0204CD2F6D43241035DD5CB8D97D6838A7D9E367CA5B967178D76156BA61DDFFC9CA782F51C28CBCEB60BC142108A66BE178986A4FCD204E275B |
| SSDEEP |
3072:D6mRAtw2Noe0nDhu3SIR+bUhZuKunFReSmqqwG5js1dskhHT9+sJxR1B5pe:LePodoSIRTIF8yE5A95vX11 |
| IMP |
688FCCA7916CB8E5B1E19C4B0F627FC7 |
| PESHA1 |
C7025473F6468B9D5BB63896F5224311669BA623 |
| PE256 |
93104DBA58883DD61139E0228509729BAC9A8F60A53EA78F5D0946725571C7F6 |
Runtime Data
Loaded Modules:
| Path |
| C:\WINDOWS\System32\KERNEL32.DLL |
| C:\WINDOWS\System32\KERNELBASE.dll |
| C:\WINDOWS\SYSTEM32\ntdll.dll |
| C:\WINDOWS\SystemApps\Microsoft.Windows.CallingShellApp_cw5n1h2txyewy\CallingShellApp.exe |
Signature
- Status: Signature verified.
- Serial:
33000002ED2C45E4C145CF48440000000002ED
- Thumbprint:
312860D2047EB81F8F58C29FF19ECDB4C634CF6A
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: CallingShellApp.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.22000.120 (WinBuild.160101.0800)
- Product Version: 10.0.22000.120
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/73
- VirusTotal Link: https://www.virustotal.com/gui/file/92e2a2e81c2c9fb697c9fea00b3caa6814676c64fd17d05549ee116af60d9b4e/detection
MIT License. Copyright (c) 2020-2021 Strontic.