CastSrv.exe
- File Path:
C:\Windows\system32\CastSrv.exe
- Description: Casting protocol connection listener
Hashes
| Type |
Hash |
| MD5 |
8DF5338AC4CA3EF50EE1E91D4D497B68 |
| SHA1 |
03ABE6662F0E12CEDA903CB155CEFFA5B87F28C2 |
| SHA256 |
D3254833F27C07ABA89ADF18DF3D01BAEEC74D0983EDF5B6045CADAA0E7D2419 |
| SHA384 |
4A78C730EE5300B8F684D674538C16F279135F03CB84765DA32E8E910007DDB7C1E5065C585A2E49FA063734B3B3A4B8 |
| SHA512 |
7A7CF997FD4EFE1277A00A2DCA4C0D7DA2735522EA0AE78E113AE6B36255BF116E1B8E6A3C1ED2C52943C6E1BFD385E431E326D6B2277E0B9288537333221FA8 |
| SSDEEP |
768:Bs03+16uifL/TQwJEORR/z+osFABNdN0I0twZAwJOy2s6HjKj2Bp0W+auo8r6wDP:O2HxnsFK6Duqw1P6DKaBp7+auoCPJ |
| IMP |
9903CD922A38DEE760918B0D80CEB7B0 |
| PESHA1 |
F95EAB3CC2A06B36BD611BDB1251BEDD7F7FE5B5 |
| PE256 |
C502030B09328C9E6E427C67BB5497C1ED49624E99A0873E45EDA8269745D42E |
Runtime Data
Open Handles:
| Path |
Type |
| (RW-) C:\Users\user |
File |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\Windows\system32\CastSrv.exe |
| C:\Windows\System32\combase.dll |
| C:\Windows\System32\KERNEL32.DLL |
| C:\Windows\System32\KERNELBASE.dll |
| C:\Windows\System32\msvcrt.dll |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\RPCRT4.dll |
| C:\Windows\System32\shcore.dll |
| C:\Windows\System32\ucrtbase.dll |
Signature
- Status: Signature verified.
- Serial:
33000002EC6579AD1E670890130000000002EC
- Thumbprint:
F7C2F2C96A328C13CDA8CDB57B715BDEA2CBD1D9
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: CastSrv.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.746 (WinBuild.160101.0800)
- Product Version: 10.0.19041.746
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 64-bit
File Scan
- VirusTotal Detections: 0/72
- VirusTotal Link: https://www.virustotal.com/gui/file/d3254833f27c07aba89adf18df3d01baeec74d0983edf5b6045cadaa0e7d2419/detection
MIT License. Copyright (c) 2020-2021 Strontic.