CertEnrollCtrl.exe
- File Path:
C:\Windows\SysWOW64\CertEnrollCtrl.exe
- Description: Certificate Enrollment Control
Hashes
| Type |
Hash |
| MD5 |
8929EBB0CCABE2B6001440E138A7DFB5 |
| SHA1 |
C49515EEDE37A81C100378D228F03321FCC485B8 |
| SHA256 |
18F25C1F71BFBA5BB2D159228C0563CAA54BEEAF2F732DD2B614E77024A97A6C |
| SHA384 |
D6F82B63829DBACB1CA410D6B5E28C03AC8BE19E1612C0B3C945C740DCB2ED1D21E4596A008CB55156DCAF7CE39EFFBF |
| SHA512 |
AD9D7DE3145FB44DBE8E8670D88DF8930D51DF95CDA3586719F8448BE23F8F7E26456205FB1AC63D7B2C0A7611A6A1148BFBD7C64A200BD014EAC7462E13F697 |
| SSDEEP |
768:VrLB44+MF3lUR5qiavKHjiPqqymtnY5xpI+wLUEvK9uwY+LmGZmR++Ah:V3h3+RfHeSan6xpI+cVvFmZmR++k |
| IMP |
EABE8C5D3BBE7BB90E7C03DED23530EE |
| PESHA1 |
83C805F6EA1341A0E7C188F7CC36DC3B2733BAF5 |
| PE256 |
FF34206B07C24BB66ACB1F61983FCF8E3F031FA83716EC567A4F1B973641038A |
Runtime Data
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\System32\en-US\CertEnrollCtrl.exe.mui |
File |
| (RW-) C:\Users\user |
File |
| (RW-) C:\Windows |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
Loaded Modules:
| Path |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
| C:\Windows\SysWOW64\CertEnrollCtrl.exe |
Signature
- Status: Signature verified.
- Serial:
3300000266BD1580EFA75CD6D3000000000266
- Thumbprint:
A4341B9FD50FB9964283220A36A1EF6F6FAA7840
- Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
- Original Filename: EnrollComServer.exe
- Product Name: Microsoft Windows Operating System
- Company Name: Microsoft Corporation
- File Version: 10.0.19041.546 (WinBuild.160101.0800)
- Product Version: 10.0.19041.546
- Language: English (United States)
- Legal Copyright: Microsoft Corporation. All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/75
- VirusTotal Link: https://www.virustotal.com/gui/file/18f25c1f71bfba5bb2d159228c0563caa54beeaf2f732dd2b614e77024a97a6c/detection
File Similarity (ssdeep match)
MIT License. Copyright (c) 2020-2021 Strontic.